April 2026: ShinyHunters Hits Medtronic and ADT as North Korean Hackers Drain DeFi Protocols
ID: b13c70a4-547f-5e8d-87a6-0b8e9fb81127
STIX ID: report--b13c70a4-547f-5e8d-87a6-0b8e9fb81127
Feed Name: SOCRadar Blog
April 2026 featured a concentrated wave of high-impact incidents: ShinyHunters conducted mass extortion and data leaks impacting Medtronic, ADT, and McGraw Hill; North Korean-linked groups (Lazarus, UNC1069) executed sophisticated DeFi exploits and an npm compromise that delivered RAT malware; supply-chain attacks tied to TeamPCP/Trivy and LAPSUS$ produced large GitHub data leaks; and numerous credential- and misconfiguration-driven breaches across sectors resulted in millions of exposed records and hundreds of millions in stolen funds.
