24 Apr 2026

Week in review

Greetings,

A new report has raised fresh questions about how safely powerful AI security tools are being distributed, after an unauthorised group reportedly gained access to Anthropic’s closely guarded frontier AI model, Mythos.

According to a Bloomberg investigation cited by TechCrunch, members of a private online forum were able to access Mythos through the environment of a third-party vendor that works with Anthropic. Mythos, announced only recently, is designed as an enterprise-grade AI tool to discover software vulnerabilities and develop exploits. Anthropic has previously warned that, in the wrong hands, the technology could just as easily be used to rapidly exploit information systems on a huge scale.

The group is said to have obtained access on the same day Mythos was publicly revealed, apparently by making an educated guess about where the model was hosted online based on Anthropic’s past release patterns. Bloomberg reports that the individuals involved provided evidence of their access, including screenshots and a live demonstration of the software, and have been using the tool regularly since then. The source described the group as curious experimenters rather than malicious actors, with a stated interest in exploring new models rather than causing harm.

Anthropic confirmed it is investigating the claims and said the access appears to have occurred through a third-party vendor, not its own systems. The company added that it has found no evidence so far that its internal infrastructure has been compromised.

Mythos was made available only to a select group of partners, including major technology companies, under an initiative called Project Glasswing. The limited rollout was intended to reduce the risk of misuse. If the report is accurate, it highlights how difficult it can be to fully contain advanced AI tools once they get released, even on a limited basis.


New npm supply-chain attack self-spreads to steal auth tokens
Date: 2026-04-22
Author: Bleeping Computer

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
The threat was spotted by researchers at application security companies Socket and StepSecurity in multiple packages from Namastex Labs, a company that provides AI-based agentic solutions designed to improve profitability.

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Date: 2026-04-22
Author: The Hacker News

[See AUSCERT bulletin: https://portal.auscert.org.au/bulletins/ASB-2026.0097/]
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.
The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
"Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network," Microsoft said in a Tuesday advisory. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges."

Recently leaked Windows zero-days now exploited in attacks
Date: 2026-04-17
Author: Bleeping Computer

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.
Since the start of the month, a security researcher known as "Chaotic Eclipse" or "Nightmare-Eclipse" has published proof-of-concept exploit code for all three security issues in protest of how Microsoft's Security Response Center (MSRC) handled the disclosure process.

CISA flags Apache ActiveMQ flaw as actively exploited in attacks
Date: 2026-04-17
Author: Bleeping Computer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that a high-severity Apache ActiveMQ vulnerability patched earlier this month is now actively exploited in attacks.
Apache ActiveMQ is the most popular open-source Java-based message broker for asynchronous communication between applications.
Tracked as CVE-2026-34197, the security flaw has gone undetected for 13 years and was discovered by Horizon3 researcher Naveen Sunkavally using the Claude AI assistant.

Vercel's security breach started with malware disguised as Roblox cheats
Date: 2026-04-20
Author: CyberScoop

[AUSCERT has published a related security bulletin https://portal.auscert.org.au/bulletins/ASB-2026.0068/]
Vercel customers are at risk of compromise after an attacker hopped through multiple internal systems to steal credentials and other sensitive data, the company said in a security bulletin Sunday.
The attack, which didn’t originate at Vercel, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.


ASB-2026.0080 – Oracle Fusion Middleware: CVSS (Max): 9.8

Multiple vulnerabilities have been identified in a number of Oracle products. This Critical Patch Update contains 59 new security patches, plus additional third party patches, for Oracle Fusion Middleware. 46 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

ASB-2026.0097 – ASP.NET Core 10.0: CVSS (Max): 9.1

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges (gain SYSTEM privileges) over a network.

ESB-2026.1817.2 – Cisco Catalyst SD-WAN: CVSS (Max): 9.8

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite arbitrary files.

ESB-2026.4002.2 – Atlassian Products: CVSS (Max): 10

The vulnerabilities reported in this Security Bulletin include 31 high-severity vulnerabilities and 7 critical-severity third-party vulnerabilities, which have been fixed in new versions of our products released in the last month.

ESB-2026.4105 – IBM WebSphere Application Server: CVSS (Max): 7.5

IBM WebSphere Application Server Liberty is affected by identity spoofing when the appSecurity feature (appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0) is not enabled on the server.


Stay safe, stay patched and have a good weekend!

The AUSCERT team