Cyber Threat Report: April 2026

Monthly report · 1957 clusters · 11987 articles

1957

Threat Clusters

11987

Articles Analyzed

52.0

Avg Threat Score

145

Rising Entities

Top Threats

Critical WebLogic RCE Vulnerability Exploited in the Wild

Urgent CISA Directive: Patch Critical Ivanti EPMM Vulnerability CVE-2026-1340 by April 11

80.223 articles

State-Sponsored Phishing Campaign Targets Signal Users

DPRK-Linked Malware Targeting Job Seekers via Wellfound

Critical Buffer Overflow Vulnerability in Silex Devices (CVE-2026-32956)

Persistent Firestarter Malware Targets Cisco Firepower Devices in US Agencies

79.037 articles

Critical NGINX UI Vulnerability CVE-2026-33032 Under Active Exploitation

78.822 articles

CISA Alerts on Critical Flaws in SimpleHelp, Samsung MagicINFO, and D-Link Devices

New Vulnerabilities Discovered in Serial-to-IP Converters Threaten Critical Infrastructure

Critical SQL Injection Vulnerability in CodeAstro Attendance System (CVE-2026-37749)

Critical RCE Vulnerability in Marimo Exploited Within 10 Hours of Disclosure

78.016 articles

Iranian APTs Target 5,219 Exposed Rockwell PLCs in U.S. Critical Infrastructure

Rising Entities

Apt Group

Attack Type

Campaign

Company

Ethereum+1083%
Vercel+3800%
Education+82%
Rockstar Games+1200%
OpenAI+182%

Country

Cve

Cwe

Eth

Industry

Malware

Pegasus+375%
Stuxnet+275%
Graphite+500%
Vidar+100%
Remcos+600%

Mitre Attack

Platform

Linux+40%
Solana+500%
MacOS+40%
Windows+13%
OpenBSD+1450%

Ransomware Group

BlackCat+750%
Lockbit+400%
Medusa+450%
Vect+900%
Alphv+400%

Tool

Vulnerability

Xmr

48jWtAsev4V9iDeN5TK5PQVNGhnJJR35yiJfJ1tbA3f73ZCiiarUxc4RMU4hNMsd1Udjbe1tCiBeFbx216UXXJzLB98dmJRNEW

Entity Type Distribution

Entity Type	Count
Platform	1222
Company	1197
Cve	625
Tool	579
Malware	485
Apt Group	240
Campaign	229
Country	227
Mitre Attack	129
Vulnerability	102
Ransomware Group	80
Industry	67
Attack Type	57
Cwe	36
Eth	4
Xmr	1