Security Signals (4/7/26-4/21/26)

This intelligence digest (April 8–21, 2026) enumerates multiple active threats and research findings, including supply-chain trojans (trojanized CPU-Z/HWMonitor), active exploitation of critical vulnerabilities (Adobe prototype pollution, marimo RCE), diverse malware and infostealer campaigns (GlassWorm, LucidRook, MicroStealer, SparkStealer, Banshee, Lumma), APT activity (APT28, Pawn Storm, Storm-2755), widespread malicious extensions and fake repositories, and a confirmed Vercel data breach—highlighting urgent needs for patching, supply-chain validation, and detection of relevant TTPs.