Cyber security news April 2026

This posting is here to collect cyber security news in April 2026.

I post links to security vulnerability news to comments of this article.

You are also free to post related links to comments.

61 Comments

  1. Tomi Engdahl says:

    Gian Volpicelli / Bloomberg:
    The EU unveils an open-source age verification app, which requires showing ID, to shield kids from harmful content, setting the standard for verification tech — The European Union has unveiled an app to confirm users’ age online, setting the standard for verification technology …

    https://www.bloomberg.com/news/articles/2026-04-15/eu-unveils-age-verification-app-as-social-media-bans-gain-steam

    Reply
  2. Tomi Engdahl says:

    Matt Burgess / Wired:
    Analysis: nearly 90 schools and 600+ students globally have been impacted by AI-generated deepfake nudes; North America had nearly 30 reported cases since 2023 — An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images …

    The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought
    An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the problem shows no signs of going away.
    https://www.wired.com/story/deepfake-nudify-schools-global-crisis/

    Reply
  3. Tomi Engdahl says:

    ICS/OT
    Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
    https://www.securityweek.com/sweden-blames-pro-russian-group-for-cyberattack-last-year-on-its-energy-infrastructure/

    In what was Sweden’s first public mention of the attack, the country’s minister for civil defense said it targeted a heating plant in western Sweden.

    Reply
  4. Tomi Engdahl says:

    Fiona Kelliher / MIT Technology Review:
    How cyberscammers are bypassing major banks’ KYC facial scans using stolen biometric data and virtual camera tools sold via Telegram channels — EXECUTIVE SUMMARY — From inside a money-laundering center in Cambodia, an employee opens a popular Vietnamese banking app on his phone.

    Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram
    https://www.technologyreview.com/2026/04/15/1135898/cyberscammers-bypassing-bank-telegram/

    MIT Technology Review identified nearly two dozen channels and groups purporting to break major crypto exchanges and name-brand banks.

    From inside a money-laundering center in Cambodia, an employee opens a popular Vietnamese banking app on his phone. The app asks him to upload a photo associated with the account, so he clicks on a picture of a 30-something Asian man.

    Next, the app requests to open the camera for a video “liveness” check. The scammer holds up a static image of a woman bearing no resemblance to the man who owns the account. After a 90-second wait—as the app tells him to readjust the face inside the frame—he’s in.

    The exploit he’s demonstrating, in a video shared with me by a cyberscam researcher named Hieu Minh Ngo, is possible thanks to one of a growing range of illicit hacking services, readily available for purchase on Telegram, that are designed to break “Know Your Customer” (KYC) facial scans.

    These banking and crypto safeguards are supposed to confirm that an account belongs to a real person, and that the user’s face matches the identity documents that were provided to open the account. But scammers are bypassing them in order to open mule accounts and launder money. Rather than using a live phone camera feed for a liveness check, the hacks typically deploy a tool known as a virtual camera. Users can replace the video stream with other videos or photos—depicting a real or deepfake person or even an object.

    Reply
  5. Tomi Engdahl says:

    BlueHammer: Inside the Windows Zero-Day
    Written by Admin | April 7, 2026 4:06:30 PM Z
    Summary
    On April 3rd, 2026, a security researcher operating under the alias “Chaotic Eclipse” dropped a fully functional Windows local privilege escalation exploit on GitHub – no coordinated disclosure, no CVE, no patch. Just working exploit code and a pointed message to Microsoft’s Security Response Center: “I was not bluffing Microsoft, and I’m doing it again.”
    https://www.cyderes.com/howler-cell/windows-zero-day-bluehammer

    Reply
  6. Tomi Engdahl says:

    BlueHammer & RedSun: Windows Defender CVE-2026-33825 Zero-day Vulnerability Explained
    https://www.picussecurity.com/resource/blog/bluehammer-redsun-windows-defender-cve-2026-33825-zero-day-vulnerability-explained

    On April 7, 2026, a zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, was publicly disclosed alongside a working proof-of-concept exploit. The vulnerability enables local privilege escalation, allowing an unprivileged user to gain SYSTEM-level access on fully patched Windows 10 and Windows 11 systems. The exploit, referred to as “BlueHammer”, was released prior to the availability of an official fix, making it a true zero-day at the time of disclosure.

    In this blog, we explain how the Windows Defender CVE-2026-33825 vulnerability works, its real-world risk to organizations, and provide practical steps for validation and remediation.

    Reply
  7. Tomi Engdahl says:

    Read why it can be hacked so fast: https://cnews.link/eu-age-verification-app-hack/

    #hack #EU #app

    Reply
  8. Tomi Engdahl says:

    https://etn.fi/index.php/13-news/18796-nokia-tuo-ddos-suojauksen-suoraan-verkon-ytimeen

    Nokia and Cinia are bringing a new model for protecting critical infrastructure to Finland. It is not a separate security layer, but a solution built directly into the IP network.

    Cinia is deploying a service based on Nokia's Deepfield Defender technology that detects and mitigates denial-of-service attacks in real time. The goal is to ensure that connections critical to society remain operational even in an increasingly complex threat environment.

    The core of the solution is that it uses the network's own telemetry data directly, such as IP traffic flows, BGP routing information and DNS queries. This gives an overall picture of the traffic without separate measurement devices or traffic decryption. The analytics are combined with the internet situational picture maintained by Nokia, which helps identify anomalies and attacks quickly.

    Technically, the approach differs from traditional DDoS protections, in which traffic is steered to separate scrubbing centers. Here mitigation takes place directly inside the network, which shortens reaction time and reduces latency. According to Nokia, the solution enables network-wide visibility and understanding of context even in situations where the traffic is encrypted.

    Reply
  9. Tomi Engdahl says:

    Anthropic won’t own MCP ‘design flaw’ putting 200K servers at risk, researchers say
    Bug or feature?
    https://www.theregister.com/2026/04/16/anthropic_mcp_design_flaw/

    A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into Anthropic’s official Model Context Protocol (MCP) puts as many as 200,000 servers at risk of complete takeover, according to security researchers.

    The Ox research team says they “repeatedly” asked Anthropic to patch the root issue, and were repeatedly told the protocol works just fine, thank you, despite 10 (so far) high- and critical-severity CVEs issued for individual open source tools and AI agents that use MCP. A root patch, according to Ox, could have reduced risk across software packages totaling more than 150 million downloads and protected millions of downstream users.

    Anthropic “declined to modify the protocol’s architecture, citing the behavior as ‘expected,’” Ox researchers Moshe Siman Tov Bustan, Mustafa Naamnih, Nir Zadok, and Roni Bar said in a blog about their research, which began in November 2025 and included more than 30 responsible disclosure processes.

    According to the security sleuths, the root issue lies in MCP, an open source protocol originally developed by Anthropic that LLMs, AI applications, and agents use to connect to external data, systems, and one another. It works across programming languages – which means any developer using Anthropic’s official MCP software development kit across any supported language, including Python, TypeScript, Java, and Rust, inherits this vulnerability.

    MCP uses STDIO (standard input/output) as a local transport mechanism for an AI application to spawn an MCP server as a subprocess. “But in practice it actually lets anyone run any arbitrary OS command, if the command successfully creates an STDIO server it will return the handle, but when given a different command, it returns an error after the command is executed,” the Ox researchers wrote.

    Abusing this logic can lead to four different types of vulnerabilities.

    All roads lead to RCE
    The first type of vulnerability, unauthenticated and authenticated command injection, allows an attacker to enter user-controlled commands that will run directly on the server without authentication or sanitization. This can lead to total system compromise, and any AI framework with a publicly facing UI is vulnerable, we’re told.

    The second attack vector, unauthenticated command injection with hardening bypass, allows miscreants to bypass protections and user input sanitization implemented by developers to run commands directly on the server.

    The third type of vulnerability allows zero-click prompt injection across AI integrated development environments (IDEs) and coding assistants such as Windsurf, Claude Code, Cursor, Gemini-CLI, and GitHub Copilot.

    All of the other IDEs and vendors – including Google, Microsoft, and Anthropic – said this was a known issue, or not a valid security vulnerability because it requires explicit user permission to modify the file.

    Finally, the fourth vulnerability family can be delivered through MCP marketplaces, and the threat hunters say they “successfully poisoned” nine out of 11 of these marketplaces – but using a proof-of-concept MCP that runs a command generating an empty file, not malware.

    “The marketplaces that accepted our submission include platforms with hundreds of thousands of monthly visitors,” the security shop wrote. “A single malicious MCP entry in any of these directories could be installed by thousands of developers before detection – each installation giving an attacker arbitrary command execution on the developer’s machine.”

    Reply
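The STDIO transport issue described in the comment above comes down to a host spawning whatever command it is handed and only afterwards discovering whether an MCP server answered. The following added example (written for this page, not Ox's research code or Anthropic's SDK) shows the mitigation a host can apply: validate the command against an allowlist of resolved executables, spawn without a shell, and only then attempt the JSON-RPC `initialize` handshake. The allowlist, the stand-in server and the demo command are constructed for the example; a real host would allowlist the server binaries themselves rather than an interpreter.

```python
import json
import shlex
import shutil
import subprocess
import sys
from pathlib import Path

# Constructed allowlist: the only executable this host will spawn as a stdio MCP
# server is the running Python interpreter (so the example is self-contained).
# In production, list the concrete server binaries, never a general interpreter.
ALLOWED_SERVERS = {Path(sys.executable).resolve()}

# Constructed stand-in for an MCP stdio server: reads one JSON-RPC "initialize"
# request from stdin and writes a minimal response to stdout.
FAKE_SERVER = (
    "import json,sys;"
    "req=json.loads(sys.stdin.readline());"
    "print(json.dumps({'jsonrpc':'2.0','id':req['id'],'result':"
    "{'protocolVersion':'2024-11-05','serverInfo':{'name':'demo'}}}))"
)


def validate_command(cmd: str) -> list:
    """Split without a shell and reject any executable not on the allowlist.

    The check happens BEFORE anything is executed, which is the point: the
    vulnerable pattern runs the command first and inspects the result later.
    """
    argv = shlex.split(cmd)
    if not argv:
        raise ValueError("empty command")
    exe = shutil.which(argv[0])
    if exe is None or Path(exe).resolve() not in ALLOWED_SERVERS:
        raise ValueError(f"executable not allowlisted: {argv[0]}")
    return [exe, *argv[1:]]


def spawn_stdio_server(cmd: str) -> dict:
    """Spawn an allowlisted server (no shell) and perform the initialize handshake."""
    argv = validate_command(cmd)
    proc = subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True)
    request = {"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {}}
    out, _ = proc.communicate(json.dumps(request) + "\n", timeout=10)
    resp = json.loads(out.strip())
    if resp.get("id") != 1 or "result" not in resp:
        raise RuntimeError("process did not answer as an MCP stdio server")
    return resp["result"]


def demo_server_command() -> str:
    """Constructed command line that launches the stand-in server above."""
    return f"{shlex.quote(sys.executable)} -c {shlex.quote(FAKE_SERVER)}"
```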
