Daily Threat Briefing – April 21, 2026

This briefing reports a high-severity, multi-faceted threat landscape: critical remote-code-execution flaws in AI tooling (SGLang CVE-2026-5760 and Anthropic Model Context Protocol), active state-sponsored campaigns harvesting Microsoft Office tokens via router exploits, OT/healthcare attacks including ZionSiphon and Serial-to-IP device vulnerabilities, supply-chain and third-party compromises (Vercel tool breach, malicious crypto wallet apps), and ransomware/botnet activity leveraging stolen tokens and device-code phishing; it urges immediate patching, token and access audits, network segmentation, and deployment of detection controls.