Weekly Cyber Threat Intelligence Q&A: April 27 Edition
This week's threat intelligence bulletin highlights a surge in sophisticated attacks, including supply-chain compromises, AI-powered exploitation, and critical vulnerabilities across major platforms. Below, we answer key questions about the most significant incidents reported as of April 27.
What cloud platform and identity document breaches occurred this week?
Two notable breaches shook the tech and government sectors. First, Vercel, a frontend cloud platform, disclosed a security incident linked to a compromise at Context.ai. Attackers stole OAuth tokens from the connected app, gaining unauthorized access to employee data, internal logs, and a subset of environment variables. Vercel confirmed that the most sensitive secrets remained protected. Second, France Titres, France's authority for identity documents, detected a data breach on April 15. The exposed information includes names, birth dates, email addresses, login IDs, and some physical addresses and phone numbers. A hacker has offered data purportedly taken from the agency for sale on dark web marketplaces, raising concerns about identity theft and fraud.

How did the UK Biobank breach expose half a million volunteers' health data?
The UK Biobank, a major research organization, confirmed a breach after de-identified health data of 500,000 volunteers was advertised for sale on Chinese marketplaces. Officials stated that the listings were quickly removed and believed to be unsold. In response, the organization suspended access, shut down the research platform, and imposed download limits to prevent further data exfiltration. While the data was de-identified, the exposure still poses privacy risks and underscores the challenges of securing large-scale health databases. The incident highlights the need for robust monitoring and rapid incident response in research environments handling sensitive personal information.
What was the impact of the Bitwarden supply-chain attack?
Bitwarden, a popular password manager, suffered a supply-chain attack after a malware-tainted CLI release (version 2026.4.0) was published to the npm registry on April 22. The incident occurred when a hijacked GitHub account was used to push the malicious package. Bitwarden reported that 334 developers installed the compromised version during a brief window, potentially exposing their credentials. However, the company stated that vault data remained unaffected, as the malware targeted CLI environments rather than encrypted user vaults. This attack underscores the risks of software supply chains and the importance of verifying package integrity before installation. Developers who downloaded the affected version are advised to rotate any credentials used during that time.
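As an added illustration of the "verify package integrity before installation" advice above (this is example code written for this bulletin, not Bitwarden's or npm's own tooling), the script below audits an npm package-lock.json for a denylisted package version and for dependency entries that carry no integrity hash. The package name @bitwarden/cli and the sample lockfile contents are assumptions constructed for the example; the bulletin itself only names the CLI release version 2026.4.0.

```python
import json

# Constructed denylist for this example. The npm package name is an assumption;
# the bulletin only states that CLI release version 2026.4.0 was tainted.
BLOCKED_VERSIONS = {
    "@bitwarden/cli": {"2026.4.0"},
}

# Constructed sample lockfile in the npm lockfileVersion 3 layout so the
# example runs offline. The integrity value is a labelled placeholder.
SAMPLE_LOCKFILE = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "version": "1.0.0"},
        "node_modules/@bitwarden/cli": {
            "version": "2026.4.0",
            "resolved": "https://registry.npmjs.org/@bitwarden/cli/-/cli-2026.4.0.tgz",
            "integrity": "sha512-PLACEHOLDER-NOT-A-REAL-HASH",
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
        },
    },
})


def package_name_from_path(path):
    """Derive the npm package name from a lockfile 'packages' key.

    Keys look like 'node_modules/foo' or 'node_modules/@scope/foo' and may be
    nested ('node_modules/a/node_modules/b'); the last node_modules segment
    is the package that entry describes. The root project key is "".
    """
    marker = "node_modules/"
    idx = path.rfind(marker)
    if idx == -1:
        return None
    return path[idx + len(marker):]


def audit_lockfile(lockfile_text, blocked=BLOCKED_VERSIONS):
    """Return findings as (kind, package, version) tuples.

    kind is "blocked-version" when the pinned version is on the denylist and
    "missing-integrity" when the entry has no subresource integrity hash, so a
    substituted tarball would not be caught by npm at install time.
    """
    data = json.loads(lockfile_text)
    findings = []
    for path, entry in data.get("packages", {}).items():
        name = package_name_from_path(path)
        if name is None:
            continue  # root project entry, not a dependency
        version = entry.get("version")
        if version in blocked.get(name, set()):
            findings.append(("blocked-version", name, version))
        if "integrity" not in entry:
            findings.append(("missing-integrity", name, version))
    return findings


if __name__ == "__main__":
    for kind, name, version in audit_lockfile(SAMPLE_LOCKFILE):
        print(f"{kind}: {name}@{version}")
```

Run it against a real lockfile by replacing SAMPLE_LOCKFILE with the file's contents; a "blocked-version" hit is the trigger for the credential rotation the bulletin recommends, and a "missing-integrity" hit means the lockfile cannot by itself prove that the tarball npm fetches is the one originally resolved.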
What AI threats were identified, including access to Anthropic's unreleased model?
Researchers flagged unauthorized access to Anthropic's unreleased AI cyber model, Claude Mythos Preview, through a third-party vendor environment. A small Discord group reportedly exploited shared contractor accounts, API keys, and predictable URLs to reach the system. Anthropic said it is investigating and has seen no impact on core systems. Additionally, researchers observed Bissa Scanner, an AI-assisted exploitation platform using Claude Code and OpenClaw to automate mass scanning, exploitation, and credential harvesting. The platform focused on exploiting React2Shell (CVE-2025-55182), scanning millions of targets, confirming over 900 compromises, and collecting tens of thousands of exposed environment files. These incidents demonstrate how AI tools are being weaponized by threat actors to scale attacks.

How did the Bissa Scanner use AI to exploit vulnerabilities at scale?
The Bissa Scanner represents a new breed of AI-assisted cyberattack tools. It leverages Claude Code and OpenClaw to conduct mass scanning, exploitation, and credential harvesting with minimal human intervention. Specifically, Bissa Scanner targeted the React2Shell vulnerability (CVE-2025-55182), which allows remote code execution in React-based applications. The platform scanned millions of potential targets, automatically identifying and exploiting vulnerable systems. According to researchers, it confirmed over 900 successful compromises and harvested tens of thousands of environment files containing sensitive credentials. This capability dramatically lowers the barrier to launching large-scale attacks, as the AI handles the reconnaissance and exploitation phases. Organizations are urged to patch vulnerabilities promptly and monitor for unusual scanning activity.
What critical vulnerabilities were patched by Microsoft and Apple this week?
Microsoft released out-of-band fixes for CVE-2026-40372, a critical privilege escalation flaw in ASP.NET Core rated 9.1. The bug affects Data Protection versions 10.0.0 to 10.0.6, allowing attackers to forge cookies and antiforgery tokens, impersonate users, and gain SYSTEM-level access on Linux or macOS deployments. Organizations using affected versions should apply the patch immediately. Meanwhile, Apple issued fixes for CVE-2026-28950 in iOS and iPadOS, a Notification Services vulnerability that could allow an attacker to bypass security controls. Apple recommends updating to the latest OS versions to mitigate the risk. Both patches are critical for maintaining security in enterprise and personal devices.