20th April – Threat Intelligence Report

This bulletin highlights a series of high-impact incidents and research: multiple large data breaches (including McGraw-Hill ~13.5M accounts and Booking.com customer reservation data), a WordPress plugin supply-chain compromise distributing backdoored updates, targeted industrial malware (ZionSiphon), a fake Ledger Live app that stole >$9.5M, and AI-powered intrusions that allegedly exposed hundreds of millions of government records. It also reports actively exploited high-severity vulnerabilities (Apache ActiveMQ CVE-2026-34197 and others), phishing and prompt-injection campaigns against developer CI/CD and AI agents, and widespread malicious C2 infrastructure supporting botnets and traffic-redirection campaigns.