
this week in security — april 26 2026 edition

Vercel hacked and customer data stolen, Apple fixes bug that cached deleted Signal messages, spy vendors caught tapping phone telcos, North Korea's very lucrative crypto heists, unauthorized access to Anthropic Mythos model, and more.

Vercel says it was hacked and finds evidence of past customer breaches
TechCrunch ($): Cloud app hosting giant Vercel was hacked at some point in April, though the company won't say exactly when, but blamed the intrusion on an employee downloading an app from a startup, Context AI, whose product had been compromised, likely originating from an infostealer. The Vercel employee connected the app to their work account, which let the hackers in and gave them access to internal Vercel systems. (But don't blame the employee — a lot of things went wrong here.) Vercel won't say how many customers had private data and environments' private keys stolen, but said it had notified affected customers of their intrusions and data thefts. The hackers appear to be selling the data online. Vercel said it later found that some customers had account compromises that predated its breach, and it's unclear why the company didn't notice those earlier breaches sooner. A lot of moving parts here, but the breach is unlikely to be limited to just Context AI or Vercel, and we can probably expect some downstream fallout to land down the line. (Disclosure: I wrote this story!)
More: Vercel | Hudson Rock | Bleeping Computer | Cyberscoop | HelpNetSecurity

Vercel post on X: "Our investigation has revealed that the incident originated from a third-party AI tool with hundreds of users whose Google Workspace OAuth app was compromised. We recommend that Google Workspace Administrators check for usage of this app immediately."
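For admins wondering what that check looks like in practice, here is an added example (not Vercel's or Google's code) that triages which users have granted a third-party OAuth app access to their Workspace account and which grants carry broad mail, Drive or directory scopes. The record shape is assumed to mirror the Admin SDK Directory API tokens.list() response; the sample grants are constructed and the client ID is a placeholder.

```python
# Added example: triage Google Workspace OAuth grants for a compromised
# third-party app. Input shape assumed to mirror the Admin SDK Directory API
# tokens.list() items (clientId, displayText, scopes, anonymous, nativeApp).
# The client ID below is a placeholder, not the real app's ID.
COMPROMISED_CLIENT_IDS = {"PLACEHOLDER-compromised-app.apps.googleusercontent.com"}

# Scopes that give an app broad reach into mail, files or the user directory.
BROAD_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/admin.directory.user",
}

def audit_oauth_grants(grants_by_user, watchlist=COMPROMISED_CLIENT_IDS):
    """Return one finding per grant that is on the watchlist or carries a
    broad scope. grants_by_user maps a user email to its tokens.list items."""
    findings = []
    for user, items in grants_by_user.items():
        for item in items:
            reasons = []
            if item.get("clientId") in watchlist:
                reasons.append("client on watchlist")
            broad = set(item.get("scopes", [])) & BROAD_SCOPES
            if broad:
                reasons.append("broad scopes: " + ", ".join(sorted(broad)))
            if reasons:
                findings.append({"user": user,
                                 "app": item.get("displayText", "?"),
                                 "clientId": item.get("clientId"),
                                 "reasons": reasons})
    # Watchlisted apps first, then by user, so the revoke list is stable.
    findings.sort(key=lambda f: (f["clientId"] not in watchlist, f["user"]))
    return findings

# Constructed sample: one user authorised the compromised app with a mail scope.
SAMPLE = {
    "alice@example.com": [
        {"clientId": "PLACEHOLDER-compromised-app.apps.googleusercontent.com",
         "displayText": "Third-party AI tool (sample)", "anonymous": False,
         "nativeApp": False, "scopes": ["https://mail.google.com/", "openid"]},
        {"clientId": "calendar-helper.example", "displayText": "Calendar helper",
         "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    ],
    "bob@example.com": [
        {"clientId": "drive-sync.example", "displayText": "Drive sync",
         "scopes": ["https://www.googleapis.com/auth/drive"]},
    ],
}

if __name__ == "__main__":
    for f in audit_oauth_grants(SAMPLE):
        print(f["user"], f["app"], "->", "; ".join(f["reasons"]))
```

Feed it the real tokens.list output per user and every watchlisted grant is a token to revoke and a user to check for follow-on activity.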

U.S. and allied nations warn of covert Chinese botnets running out of everyday routers
CISA: The U.S. and some of its top allies are warning of China's renewed effort to construct and maintain botnets that hijack regular home and office routers, and poorly secured internet-connected smart devices. The goal is to hijack regular internet connections to route malicious traffic through residential homes to make it more difficult for U.S. spies to detect. The China-backed hackers, known as the Typhoon family (Salt, Flax, and Volt), are all focused on different goals with the eventual aim of helping to cause disruption in the event of China's anticipated invasion of Taiwan. This includes activating malware to cause disruption at a moment of advantage to China. CISA says at least 200,000 routers have been ensnared by one botnet alone, and some homes are actually funneling multiple botnets through their routers.
More: Cyberscoop | DarkReading | CybersecurityDive

Spy vendors caught abusing telecom access to track people's locations
Citizen Lab: New research from Citizen Lab's researchers found at least two surveillance vendors — one said to be an Israeli geolocation data monitor and another unnamed company — abusing access to global phone networks in order to grab people's real-time location data. The access relies on piggybacking on the telcos' access to SS7 and Diameter, the two protocols that seamlessly route 3G, 4G, and 5G calls, messages, and data across the world's phone networks. But these protocols have long been known to be buggy, and can be (and regularly are) abused by bad actors, often by posing as legitimate phone carriers. One of the Citizen Lab researchers said this detected activity was the tip of the iceberg and warned of widespread abuses of the phone networks. There's no real fix to this issue, except for a global concerted effort to rearchitect and secure the phone networks… which we all know will happen… never.
More: TechCrunch ($) | The Record | Reuters ($)

Anthropic admits some people had unauthorized access to unreleased cyber model, Mythos
Bloomberg ($): Anthropic has kept its new Mythos model under close lock-and-key amid its claims (heavy wink) that the model has powerful offensive hacking capabilities capable of autonomously hacking some systems with ease. Some big customers have been granted access to Mythos, like Amazon, Apple, and Cisco, to fix their own stuff ahead of a possible wider release. Yet… Anthropic had to admit this week that some AI enthusiasts from a private Discord channel apparently gained unauthorized access to the model in part by guessing the model's URL. Per Bloomberg ($), which broke the story, the Discord nerds said they are "interested in playing around with new models, not wreaking havoc with them." They said they figured out the location of Mythos because an earlier breach at AI startup Mercor (which works with Anthropic and OpenAI) revealed an easy-to-guess format for where Mythos' unreleased model was located. The Verge ($) called the incident flat out "embarrassingly unsophisticated." 
More: The Verge ($) | Forbes ($) | Metacurity ($) | The Guardian ($) | BBC News ($)

Natasha Mascerenhas post on X: "The @rachelmetz unauthorized mythos access story has entered the Indian suburban aunty uncle group chat. No system can contain this level of escalation"

A third ransomware negotiator has pleaded guilty to helping ransomware gang
DataBreaches.net: A third ransomware negotiator, Angelo Martino, has pleaded guilty to helping the notorious ALPHV/BlackCat gang to deploy ransomware against U.S. companies. Two other ransomware negotiators previously pleaded guilty to the scheme that targeted U.S. businesses.

New supply chain hack targets Checkmarx tool, hits Bitwarden npm channel
Bleeping Computer: Security firm Checkmarx says its free and open-source tool that scans for security flaws, dubbed Keeping Infrastructure as Code Secure (or KICS), was compromised and that its Docker, VSCode, and Open VSX extensions were manipulated to steal users' credentials. Open source security monitor Socket says the command line interface for Bitwarden's password manager was also compromised as a result of Checkmarx's supply chain attack.

North Koreans make off with $292 million in latest crypto heist
Coindesk: Kelp DAO, a cross-chain bridge that allows users to facilitate transactions across different blockchains and currencies, was hacked to the tune of about $292 million. The hack was blamed on North Korea. This comes after the hackers stole some $285 million from Drift earlier in April. That's half a billion dollars in funds nabbed in a fortnight… 

U.K. High Court says public face scanning is legal
The Register: The U.K.'s top civil court says London police can still use facial recognition across the British capital, despite a case brought by an anti-knife campaigner who police falsely identified as a criminal suspect using facial scans. The court says [PDF] that the tech doesn't violate U.K. human rights law. Researchers have long warned that facial recognition is flawed. Per The Register, the police's last review of the tech found some 80% of false positives were made on Black people.

Doctors are recording patients with AI tools — you can say no
Mystery AI Hype Theater 3000: The very excellent @emilymbender wrote about the risks of using AI tools in medical settings, from doctor's offices to therapists. There are a litany of privacy, security, and accuracy issues to consider, and you should be able to decline and opt-out. (I also wrote some words ($) about this!)

Mastodon, Bluesky slammed by DDoS attacks: Last week, kinda-decentralized social site Bluesky was hit by a distributed denial-of-service attack. This week, Mastodon's flagship server, mastodon.social, was briefly downed by a similar incident. The broader Mastodon universe seemed fine, thanks to the federated nature of its technology, which means there is no single point of failure.

Ana post on Mastodon: "fools! by DDOSing mastodon social you only make us stronger"

U.K. Biobank's years of breaches: A dataset of highly sensitive health data and biological samples of half-a-million U.K. people used for academic research was listed for sale on Chinese shopping site Alibaba, prompting the U.K. government to ask Beijing and Alibaba for help to pull the dataset offline. This isn't the first major security lapse involving Biobank's highly sensitive medical information. While the data is de-identified, it can still be easy to figure out who these people are. (via BBC News ($), Luc Rocher)

Apple fixes bug caching deleted messages: Apple rolled out iOS 28.4.2 (and backported to iOS 18) to fix a bug that was caching the contents of iPhone and iPad device notifications for about a month. This meant that the contents of private and encrypted messages, like Signal, were obtainable by cops long after the messages vanished from the app. Major props to 404 Media ($) for first discovering this issue. (via TechCrunch ($), 9to5Mac, @signal)

Signal post on Bluesky: "We are very happy that today Apple issued a patch and a security advisory. This comes following 404 Media reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted."

La France, le hacked: France Titres, the government agency for issuing and managing identity documents like passports, national ID cards, and driver's licenses, had a data breach (en français) affecting its online portal. It's not clear how the data was breached, but the agency noted that the data included personal information relating to portal account holders (rather than their actual documents). A hacker's listing claims to have between 18 and 19 million accounts. (via Ministre de l'Intérieur, Bleeping Computer, The Register)

Plankey pulls plug on CISA job: Trump's twice-picked nomination to run U.S. cyber agency CISA, Sean Plankey, has asked the White House to pull his name from the top-job spot. Plankey said it was clear that the Senate wasn't going to vote on him getting the job. CISA still doesn't have a permanent, Senate-confirmed director since Trump took office in January 2025. (via The New York Times ($), @ericjgeller.com)

With the news out of the way, it's time to dip into the calm and peaceful zone that we call the happy corner. Just a couple of things this week:

This is by far the best explanation of multi-factor authentication that you'll see today.

an animated GIF titled: "Here's why two-factor authentication matters," with a bird lifting a metal cloche uncovering cheese, and the bird takes a bite. the second shot shows a second cloche over the first, and the bird unable to lift both of the cloches to get the cheese.

And I just found my next out-of-office autoreply. (Failing that, my own personal favorite was: "I am out-of-office. If you need me for something, you'll have to find me first.") Got one of your own? I might share some of the best next week…!

donni saphire post on Mastodon: "Due to personal reasons, I will be in the trees, leaping from branch to branch"

Got good news to share? Get in touch! this@weekinsecurity.com.

This week's cyber cat is Miss Cat, who can be seen judging your cybersecurity posture from her seat at the breakfast bar. Thanks so much to Mitch P. for sending in!

Miss Cat is a tabby kitty who can be seen here sat on a chair at the breakfast bar, looking at the camera.

🐈 Send in your cyber cats! 🐈‍⬛ Got a cat or a non-feline friend? Send me an email with their photo and name and they will be featured in a later newsletter!

That's all for this week. And breeeeeeeeeathe! Let's do this all over again next week? I'll be back next Sunday with your usual digest of everything you need to know in cyber.

Thank you so much for reading. Please do get in touch if you have anything to share for next week's dispatch or beyond. And do let me know if there's anything you want to see on the blog; I'm always keen to hear your suggestions of topics, tech, and incident post-mortems and more that you're interested in reading more about. I have a couple of fun blog posts in the pipeline that I think you'll like.

Take it easy,
@zackwhittaker