Cybersecurity April 2026
Global headlines curated by our intelligent agents.
Latest News
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, complicating detection.
OpenAIΓÇÖs new security model is for ΓÇÿcritical cyber defendersΓÇÖ only
Like Anthropic’s Mythos, GPT-5.5-Cyber will first be released to ‘trusted’ entities. 
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace trust.
SAP npm Packages Compromised by ΓÇ£Mini Shai-HuludΓÇ¥ Credential-Stealing Malware
SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
AI-driven attacks uncovered in February 2026 automate kill chain and seize Domain Admin credentials in minutes, forcing faster defenses.
GitHub rushed to fix a critical vulnerability in less than six hours
A critical remote code execution vulnerability was discovered using an AI model and patched within hours.
Critical cPanel Authentication Vulnerability Identified ΓÇö Update Your Server Immediately
cPanel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
Above Land: Rhapsody is a Co-op Roguelite that Mixes Swordplay with... Slam Dunks?
Colourful, quirky, and completely chaotic, Above Land: Rhapsody basically takes the three-player co-op carnage of Elden Ring Nightreign and injects it with some hilariously over-the-top weapons and special moves that seem straight out of a Yakuza street brawl. At a recent BiliBili: First Look event in Shanghai, I spent a few hours hacking and slashing away at monsters in a land above the clouds, in this frenetic roguelite that marries breathtaking bursts of action and tower defense elements with a deep sense of combat customisation. Yet what really stood out for me was the creative combination of weaponry at my disposal. I mean, when was the last time you played an action RPG that allowed you to cut down goblins with a giant broadsword in one hand, and perform slam-dunking finishing moves with a basketball dribbled with the other?Just why do you have access to an eclectic arsenal of weapons that seem to be stripped out of the pages of a tweenagerΓÇÖs sketchbook? Well, that probably has something to do with the fact that in Above Land: Rhapsody you actually play as a young child, at least outside of each battle. Here your downtime is spent wandering through the bowels of a floating vessel dubbed ΓÇÿThe Invincible BebeΓÇÖ, trading for special potions with the alchemist, preparing meals with the chef that provide buffs during combat, and visiting the tailor to unlock various aesthetic upgrades like witchΓÇÖs hats and aviation goggles for your avatar.The most important NPC to befriend, though, is the BebeΓÇÖs blacksmith who provides you with a weapon set that combines a standard suite of high fantasy armaments with what appears to be the most wanted items on a grade schoolerΓÇÖs Christmas wishlist. Of course there are swords, dual-wielded daggers, and a powerful bow to deal damage with, but thereΓÇÖs also a yo-yo, electric guitar, and the aforementioned basketball to add some slapstick to every monster arse you kick. IΓÇÖm assuming the team at developer Flying Amateurs are WWE fans, too, since you can even choose to wield a folding chair, exactly like the kind typically clattered over the skulls of greased up grapplers ringside at Wrestlemania. You might say that the developers have employed an ΓÇÿeverything but the kitchen sinkΓÇÖ approach to designing your characterΓÇÖs arsenal in Above Land: Rhapsody, but since in the early version I played there was only 12 out of the more than 30 weapons set to be available in the finished game, I canΓÇÖt rule out the possibility that there might actually be a kitchen sink or some other random piece of plumbing to wield when Above Land: Rhapsody eventually comes out. ItΓÇÖs pretty nuts.Above and Beyond Once youΓÇÖre good to go you then shift through the pages of an intricate pop-up book left to the child by his missing mother, which then teleports you into a battle realm composed of floating chunks of shattered landscape and populated with hordes of minions to clash with and countless secret treasures to scour for. In this dimension you transform into a lithe warrior and, either solo or with up to two companions in tow, must survive four waves of increasingly challenging enemy hordes before overcoming an end boss in a gameplay session that basically constitutes about 30 breathless minutes of mayhem. Each wave of enemies you dispatch drops randomised character modifiers that you can equip on the fly, ranging from simply electrifying your weapons, to a buff that makes the size of your character slowly grow and become more powerful at the cost of your overall movement speed. Apparently in the full game there will be even more absurd modifiers that turn enemies into sheep, or allow you to literally shout your enemies to death using a headset microphone. Finally, a gameplay mechanic purpose built for every shrieking adolescent IΓÇÖve ever encountered in Call of Duty. Even without the novel gameplay twists introduced by these modifiers, which IΓÇÖm told will be close to a staggering 1,000 in number, the weapons are already an absolute blast to use. In addition to standard attacks, each weapon also has two special skills that operate on a cooldown timer. For example, the broadsword can deploy an automated turret to help thin enemy numbers in your vicinity, while the folding chair can summon a wrestling ring to rope in the enemies around you and prevent them from dodging your chair-swinging attacks.Each weapon also features its own unique combat mechanics. With the katana I was simply alternating between the two main attack buttons to pull off slashing uppercuts and charged up stabs, but with the electric guitar I fell into a completely different rhythm. Quite literally so, since wielding the axe of the fretted kind brings up a tempo indicator at the bottom of the screen; the better you time each strum of the guitar, the more damage you deal with the musical note projectiles that fire out in all directions, as your character kneeslides and duckwalks around the combat arena like an action roleplaying Angus Young. I must admit that the manic nature of Above Land: RhapsodyΓÇÖs scraps meant that I didnΓÇÖt always completely know what was going on, but I was nothing if not entertained at all times.Above the RimItΓÇÖs worth pointing out that the actual multiplayer component of Above Land: Rhapsody is still very much a work in progress, and many of the features planned for co-operative play were not present in the early build I played. Specifically, the full game is set to allow players to trade items like ability modifiers between them, but perhaps more enticingly, your combat abilities will be far more complementary in a scrap. An example suggested to me by one of the developers, was that if two players each had the basketball equipped, they might be able to pass it back and forth in quick succession in order to create a powerful whirlwind to damage enemies with, before finishing them off with one player lobbing the ball to the other for an alley-oop dunk on the enemyΓÇÖs head. To be clear these concepts are only tentative at this stage, but IΓÇÖm certainly keen to see what kind of tandem takedowns will end up in Above Land: Rhapsody when it launches. Perhaps you could have a trio of guitarists shredding a harmony solo to literally melt enemy faces with, or maybe multiple yo-yo wielders could spin up a web of strings and really rock the cradle with pounding, pendulum-style attacks. ThereΓÇÖs certainly scope for some really fun combinations here. IΓÇÖm certainly keen to see what kind of tandem takedowns will end up in Above Land: Rhapsody when it launches.At this early stage in its development, Above Land: Rhapsody is also in desperate need of better onboarding for new players. Although its combat is extremely easy to pick up due to its simple and instantly rewarding design, there are an overwhelming number of systems to interact with during each battle. These include various statues littered around the arena that grant increases to your maximum health or elemental defense, with some requiring the offering of special keys you collect during battle, some with short puzzles to solve, and others demanding the use of another consumable called a G-stone. ThereΓÇÖs also the Wobbo, which sounds like an Australian nickname but is actually a companion creature that can either function as an autonomous bodyguard, or even allow the player to transform into a powerful monster for short periods of time. Needless to say, it was quite a lot to process in between the constant hacking and slashing of hordes, but the developers assure me that theyΓÇÖre working on an expanded tutorial for the full game that will go beyond the basic introduction included in this preview build.If developer Flying Amateurs can knuckle down and get the basics sorted, then that should really allow the silly side of Above Land: Rhapsody to really shine. This is an action RPG overflowing with energy and playfulness, and IΓÇÖm certainly keen to see more. With no release window confirmed at this time it could still be quite a while before we get the finished game in our hands, and itΓÇÖs hard to tell from this short slice just how much story substance will be evident, and what other combat arenas will be included to keep the fighting fresh. But for now, I can say that the potential of Above Land: Rhapsody is certainly sky high.For more on Above Land: Rhapsody, be sure to check out the full announcement details here.Tristan Ogilvie is a senior video editor at IGN's Sydney office. He attended the BiliBili: First Look event in Shanghai as a guest of the organizers.
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
All Single-Player, Non-VR Denuvo Games Have Allegedly Been Bypassed
Just last month, Resident Evil Requiem became the first 2026 game with Denuvo to be cracked by Voices38, but just a few weeks later, it looks like most games with the anti-piracy technology have been cracked or bypassed. According to a post by FitGirl, a popular game repacker, all single-player, non-VR games have been either cracked or bypassed. Most of these games have been bypassed through Hypervisor workarounds, which run underneath Windows to trick the DRM into thinking it's running on different hardware. This is opposed to a "true crack," which doesn't need this kind of risky workaround to run. While these Hypervisor bypasses are dangerous, that hasn't stopped people from using them to pirate games much earlier than they otherwise would have been able to. After all, Pragmata had a Hypervisor bypass before it even came out. In a statement to TorrentFreak, Denuvo parent company Irdeto claims that it is "working on a countermeasure while warning that the new cracks are a security concern." I've reached out to Irdeto for comment as well, and I'll update this story if and when I hear back. But, even if the company is working on a countermeasure for this new wave of Hypervisor bypasses, the speed with which these bypasses are coming begs the question: Is Denuvo even worth it anymore?Performance in the Age of Expensive HardwareOne of the biggest problems with Denuvo over the years has been the performance impact. For a technology that's ostensibly supposed to punish people who download games illegally, it has a huge impact on people who do buy the game. And now that PC hardware like graphics cards are getting more expensive due to AI, taking any kind of performance loss through unnecessary software is getting harder to deal with. That performance hit was likely a worthy sacrifice in the eyes of game publishers because it stopped people from pirating the game within the first couple of weeks of release. But now that these Hypervisor bypasses are becoming available within hours of a game coming out, it does seem like there's little point to this form of DRM anymore. To be clear, there are still very clear risks to running this kind of exploit on your gaming PC. You have to shut down basically every form of protection in order to get it running right, and because it's software running on ring -1 (here's a handy Medium post explaining how that works), or under the Windows kernel itself, it really opens your PC to attack. However, it doesn't seem like that risk is stopping people from using these exploits, especially when games and hardware keep getting more expensive. Jackie Thomas is the Hardware and Buying Guides Editor at IGN and the PC components queen. You can follow her @Jackiecobra
All Single-Player, Non-VR Denovo Games Have Allegedly Been Bypassed
Just last month, Resident Evil Requiem became the first 2026 game with Denuvo to be cracked by Voices38, but just a few weeks later, it looks like most games with the anti-piracy technology have been cracked or bypassed. According to a post by FitGirl, a popular game repacker, all single-player, non-VR games have been either cracked or bypassed. Most of these games have been bypassed through Hypervisor workarounds, which run underneath Windows to trick the DRM into thinking it's running on different hardware. This is opposed to a "true crack," which doesn't need this kind of risky workaround to run. While these Hypervisor bypasses are dangerous, that hasn't stopped people from using them to pirate games much earlier than they otherwise would have been able to. After all, Pragmata had a Hypervisor bypass before it even came out. In a statement to TorrentFreak, Denuvo parent company Irdeto claims that it is "working on a countermeasure while warning that the new cracks are a security concern." I've reached out to Irdeto for comment as well, and I'll update this story if and when I hear back. But, even if the company is working on a countermeasure for this new wave of Hypervisor bypasses, the speed with which these bypasses are coming begs the question: Is Denuvo even worth it anymore?Performance in the Age of Expensive HardwareOne of the biggest problems with Denuvo over the years has been the performance impact. For a technology that's ostensibly supposed to punish people who download games illegally, it has a huge impact on people who do buy the game. And now that PC hardware like graphics cards are getting more expensive due to AI, taking any kind of performance loss through unnecessary software is getting harder to deal with. That performance hit was likely a worthy sacrifice in the eyes of game publishers because it stopped people from pirating the game within the first couple of weeks of release. But now that these Hypervisor bypasses are becoming available within hours of a game coming out, it does seem like there's little point to this form of DRM anymore. To be clear, there are still very clear risks to running this kind of exploit on your gaming PC. You have to shut down basically every form of protection in order to get it running right, and because it's software running on ring -1 (here's a handy Medium post explaining how that works), or under the Windows kernel itself, it really opens your PC to attack. However, it doesn't seem like that risk is stopping people from using these exploits, especially when games and hardware keep getting more expensive. Jackie Thomas is the Hardware and Buying Guides Editor at IGN and the PC components queen. You can follow her @Jackiecobra
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
LofyGang resurfaces with LofyStealer disguised as Minecraft hack, exfiltrating IBANs and passwords to 24.152.36[.]241, escalating gaming threats.
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
VECT 2.0 destroys files over 131KB due to nonce flaw, launched December 2025, making ransom payments useless.
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
CVE-2026-25874 (CVSS 9.3) in LeRobot 0.4.3 allows unauthenticated RCE via pickle over gRPC, risking AI systems and sensitive data.
Attack of the killer script kiddies
ΓÇ£ItΓÇÖs now or never. ThereΓÇÖs a tidal wave coming.ΓÇ¥
After Mythos: New Playbooks For a Zero-Window Era
AI models like Claude Mythos find vulnerabilities in minutes, collapsing patch windows and forcing assume-breach defenses to contain threats.
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Chinese hacker extradited after 2020ΓÇô2021 Exchange zero-day attacks on U.S. vaccine research, intensifying DOJ crackdown.
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
ΓÜí Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
This weekΓÇÖs ThreatsDay covers supply chain attacks, fake help desks, wiper malware, AI prompt traps, RMM abuse, phishing kits, and more.
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
Claude MythosΓÇÖ April 7 launch accelerates vulnerability discovery, but limited access and rising false positives strain remediation workflows.