A widespread supply-chain campaign dubbed “Mini Shai-Hulud” compromised popular npm and PyPI packages on April 29-30, 2026, stealing developer and cloud credentials and spreading through developer tooling. Security firms Wiz, Socket, SafeDep, Aikido Security and others linked the operation to the cybercrime group TeamPCP. Poisoned npm releases included mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2 and @cap-js/sqlite@2.2.2 (collectively ~572,000 weekly downloads), plus intercom-client@7.0.4/7.0.5 (~360,000 weekly downloads). PyPI package lightning@2.6.2/2.6.3 was also tainted. Malicious preinstall hooks and import-time payloads harvested GitHub tokens, npm credentials, GitHub Actions secrets, and cloud credentials for AWS, Azure, GCP and Kubernetes. Attackers encrypted stolen data and exfiltrated it to public GitHub repositories created under victims’ accounts, then used stolen tokens to add malicious Actions workflows and publish further poisoned releases. Analysts say the campaign abused npm OIDC trusted publishing and, troublingly, persisted via Visual Studio Code and Claude Code configuration files, expanding attack surfaces beyond build systems into developer workstations and AI-assisted coding tools.

The UK government’s Cyber Security Breaches Survey for 2025/26, published in late April 2026, found that 43% of businesses — around 612,000 firms — and 28% of charities (about 57,000) reported at least one cyber breach or attack in the past year. Incidence rates were higher among larger organisations (69% of large firms, 65% of medium firms) while micro businesses reported 42%. Phishing remained by far the most common and disruptive vector, affecting 38% of businesses and 25% of charities. Ransomware fell to 1% of respondents and impersonation attacks declined to 12%. The survey shows modest governance gains — board-level cybersecurity responsibility rose to 31% — but only 25% of businesses have formal incident response plans. Ministers and cybersecurity officials warned of heightened risks from offensive AI and potential state-linked activity; the cyber security minister has urged executives to adopt NCSC guidance, sign up for its Early Warning service, and consider the forthcoming Cyber Resilience Pledge aimed at senior leadership and supply-chain certification.

Two former U.S.-based cybersecurity professionals were each sentenced to four years in prison on April 30, 2026 for their roles in a string of BlackCat (ALPHV) ransomware attacks in 2023, the Department of Justice said. Ryan Clifford Goldberg, 40, formerly an incident response manager at Sygnia, and Kevin Tyler Martin, 36, a ransomware negotiator at DigitalMint, pleaded guilty in December 2025. Prosecutors say the pair conspired with Angelo John Martino III to deploy ALPHV/BlackCat and extort victims across the United States between April and December 2023, including a Florida medical firm, a Maryland pharmaceutical company, California engineering and medical practices, and a Virginia drone manufacturer. In one incident the trio extorted roughly $1.2–1.3 million in bitcoin, sharing a 20% fee with BlackCat administrators and splitting remaining proceeds among themselves; other attacks involved leaked patient data. Goldberg fled the country in June 2023 and was later arrested abroad and deported; Martin was arrested in October 2023 and released on bond before sentencing. Martino has pleaded guilty and faces a July sentencing. U.S. prosecutors and FBI officials highlighted the abuse of specialised cyber skills to commit and profit from ransomware.

OpenAI has launched Advanced Account Security (AAS), an opt-in, phishing-resistant protection tier for ChatGPT and Codex accounts announced April 30–May 1, 2026. AAS removes password and email/SMS recovery routes, requiring two passkeys, two FIDO2 hardware keys, or a combination; it shortens session lengths, issues login alerts, and automatically opts enrolled accounts out of model training. OpenAI partnered with Yubico to offer co-branded YubiKey bundles (YubiKey C NFC and YubiKey C Nano) at a discounted two-pack price to lower adoption barriers. The company says AAS targets high-risk users — journalists, political dissidents, researchers, elected officials — but is available to all tiers, including free users. Members of OpenAI’s Trusted Access for Cyber program must enable AAS or demonstrate equivalent phishing-resistant auth by June 1. AAS also carries a trade-off: if users lose registered keys and recovery material, OpenAI cannot restore account access, potentially making chat histories irretrievable. The rollout follows broader industry and OpenAI moves toward stronger account defenses amid rising credential theft and targeted phishing campaigns.

A critical authentication-bypass vulnerability in cPanel and WebHost Manager (WHM), tracked as CVE-2026-41940 and rated 9.8 CVSS, is being actively exploited in the wild, security researchers and hosting firms reported. The flaw, disclosed by watchTowr and patched by cPanel maker WebPros on April 28, 2026, allows attackers to inject CRLF characters into session files during login processing and promote that malicious data into the session cache to gain administrative — including root — access. Rapid7 scans indicate roughly 1.5 million cPanel instances are exposed online, though the exact number of vulnerable installs is unknown. KnownHost, Namecheap and other providers reported evidence of exploitation dating back to late February; CISA added the CVE to its Known Exploited Vulnerabilities list. cPanel has released fixes across supported branches (including WP Squared) plus detection scripts; recommended mitigations include immediate patching, searching for indicators of compromise, firewalling cPanel ports, and restarting cpanel services.

Google has released emergency patches to fix a maximum-severity (CVSS 10.0) remote code execution flaw in its Gemini command-line interface and the google-github-actions/run-gemini-cli workflow, warning that unpatched CI/CD pipelines processing untrusted inputs could be exploited. The vulnerability, disclosed by researchers Elad Meged of Novee Security and Dan Lisichkin of Pillar Security and detailed publicly on April 30, 2026, stemmed from Gemini CLI’s headless mode automatically trusting workspace folders and loading configuration and environment variables before sandboxing. An attacker could plant malicious config files via a pull request and achieve command execution on the host, exposing secrets, credentials and source code. Google patched @google/gemini-cli in versions 0.39.1 and 0.40.0-preview.3 and the GitHub Action in 0.1.22. The fix removes implicit workspace trust and tightens tool allowlisting (including changes to --yolo behavior). Operators who pinned versions or relied on previous permissive behavior should review workflows: defaulting to the newest CLI release may cause some pipelines to fail unless workflows are updated to explicitly trust folders or harden against untrusted inputs.