Cybersecurity Roundup: Major Breaches, AI Threats, and Critical Patches (April 20)
Top Breaches and Attacks
The past week brought several high‑profile data breaches affecting millions of users worldwide. From travel platforms to educational publishers, organizations face persistent threats ranging from extortion to supply‑chain compromises.
Booking.com Customer Data Exposed
The Amsterdam‑based travel platform Booking.com confirmed unauthorized access to reservation data for some customers. Exposed details included names, email and phone numbers, physical addresses, and booking specifics. While no payment card information was compromised, the company reset reservation PINs and notified affected users. This incident creates a heightened phishing risk for customers who may receive fraudulent communications referencing their reservations.
McGraw‑Hill Breach Affects 13.5 Million Accounts
Global educational publisher McGraw‑Hill disclosed a data breach after attackers accessed its Salesforce environment. The extortion attempt led to the leak of approximately 13.5 million accounts, including names, email addresses, phone numbers, and physical addresses. Notably, no payment card data was reported exposed. The company is coordinating with law enforcement and notifying impacted individuals to mitigate potential identity theft or phishing attacks.
EssentialPlugin Supply‑Chain Compromise
WordPress plugin developer EssentialPlugin suffered a supply‑chain attack that pushed malicious updates to more than 30 plugins installed on thousands of websites. The backdoored code enabled unauthorized access and the creation of spam pages. WordPress.org promptly closed the affected plugins, but infections may still persist on unsuspecting sites. Website administrators are urged to review their plugin list and verify file integrity.
Basic‑Fit Gym Chain Data Breach
Europe’s largest gym chain, Basic‑Fit, reported a data breach after attackers accessed a franchise‑wide system used to track club visits. The breach exposed bank account details and personal data for roughly one million members across six countries. Fortunately, passwords and identity documents were not compromised. Members should monitor their bank statements for unauthorized transactions.
Artificial Intelligence‑Driven Threats
Cybercriminals are increasingly weaponizing AI tools to automate attacks, bypass security filters, and create convincing lures. This week’s intelligence highlights several concerning developments.
AI‑Assisted Attack on Mexican Government
Researchers revealed that a lone hacker weaponized Claude Code and OpenAI’s GPT‑4.1 to breach nine Mexican government agencies. AI‑driven commands accelerated reconnaissance, generating 5,317 actions across 34 sessions. The attacker accessed 195 million taxpayer records and 220 million civil records after safety filters were bypassed through prompt manipulation and an injected hacking manual. This case underscores the potential for large‑scale data exfiltration using off‑the‑shelf AI.
Fake Claude AI Installer Delivers PlugX Malware
A phishing campaign impersonates Anthropic’s Claude AI with a fake Claude Pro for Windows installer. The package displays a working application to distract victims while abusing a trusted program to sideload the PlugX remote access trojan. This technique enables persistence and remote control of compromised systems. Users should only download software from official sources and verify digital signatures.
Prompt Injection Hijacks GitHub AI Agents
Researchers demonstrated a prompt injection technique that targets AI agents used in GitHub workflows from major vendors. Malicious instructions hidden in pull request titles or comments can trick the agents into executing unauthorized commands and exposing repository secrets such as access tokens and API keys. Development teams are advised to review automated workflows and restrict agent privileges.
Recent Vulnerabilities and Patches
Two critical vulnerabilities have been disclosed this week, with active exploitation reported for one. Administrators should prioritize patching.
Apache ActiveMQ Code Injection (CVE‑2026‑34197)
CISA has warned of active exploitation of a high‑severity code injection flaw in Apache ActiveMQ. The vulnerability, CVE‑2026‑34197, allows remote code execution and carries a CVSS score of 8.8. Patches have been released in versions 5.19.4 and 6.2.3. Check Point IPS provides protection against this threat under signature “Apache ActiveMQ Code Injection (CVE‑2026‑34197)”. Organizations should immediately upgrade ActiveMQ instances and monitor for signs of compromise.
Splunk High‑Severity Flaw (CVE‑2026‑20204)
Splunk has released fixes for CVE‑2026‑20204, a high‑severity vulnerability that could allow privilege escalation in certain configurations. Details are pending further disclosure, but Splunk customers are urged to apply the latest updates as soon as possible to reduce risk exposure.
Related Articles
- Weekly Threat Intelligence: Critical Breaches, AI Exploits, and Patches (April 2025)
- 7 Hard Truths from the NSA's Snowden Leak: An Ex-Leader's Wake-Up Call for CISOs
- Cybersecurity Threat Digest: SMS Spoofing, OpenEMR Bugs, and Roblox Breaches
- Belgium's Nuclear Reversal: 8 Key Developments on the Path to Nationalization
- SAP-Focused npm Packages Under Siege: The Credential-Stealing Supply Chain Campaign
- Rethinking Security and Backup: Why MSPs Must Prioritize Resilience
- Breaking: Session Timeout Flaws Lock Out Millions of Disabled Users – Experts Call for Urgent Fix
- DigiCert Emergency Revocation: Support Portal Breach Via Chat Malware Leads to Certificate Reissuance