  ██████╗██╗   ██╗██████╗ ██████╗     ██████╗██╗  ██╗
 ██╔════╝╚██╗ ██╔╝██╔══██╗██╔══██╗   ██╔════╝╚██╗██╔╝
 ██║      ╚████╔╝ ██████╔╝██████╔╝ ● ██║      ╚███╔╝ 
 ██║       ╚██╔╝  ██╔══██╗██╔══██╗   ██║      ██╔██╗ 
 ╚██████╗   ██║   ██████╔╝██║  ██║   ╚██████╗██╔╝ ██╗
  ╚═════╝   ╚═╝   ╚═════╝ ╚═╝  ╚═╝    ╚═════╝╚═╝  ╚═╝
────────────────────────────────── STAY SHARP ───

**Microsoft Azure SRE Agent Flaw Exposes Infrastructure to Unauthenticated Attackers**

Today's cybersecurity digest — CVEs, headline news, and something nerdy. April 03, 2026

cybr.cx | Daily Digest — April 03, 2026


Critical Vulnerabilities

CVE-2026-32173 — Azure SRE Agent | CVSS 8.6 (HIGH)
An improper authentication flaw in Microsoft's Azure SRE Agent allows unauthenticated network attackers to access sensitive information. Given the agent's role in site reliability engineering workflows — likely touching infrastructure state, logs, and operational secrets — exposure here could be significant. Patch or restrict network access to the agent immediately; treat any exposed credentials or configs as compromised.

CVE-2026-4350 — Perfmatters WordPress Plugin (≤2.5.9.1) | CVSS 8.1 (HIGH)
A path traversal vulnerability in the Perfmatters plugin allows any authenticated — or potentially unauthenticated — user to delete arbitrary files on the server by manipulating the $_GET['delete'] parameter. No sanitisation, no authorisation check, no nonce verification. Deleting wp-config.php is the obvious doomsday scenario here. Perfmatters is a widely deployed performance plugin, so the attack surface is substantial. Update to a patched release immediately or disable the plugin until one is available.


Headline News

Claude Code Leak Spirals: Malware Campaigns, Collateral Damage, and Shell Bugs

The leak of Anthropic's Claude Code source code has had a worse-than-expected second week. Threat actors moved quickly to capitalise, seeding fake GitHub repositories that impersonate the leaked codebase to deliver Vidar infostealer malware — a well-worn playbook executed with fresh bait. Meanwhile, Anthropic's own takedown efforts backfired spectacularly: in attempting to scrub leaked code from GitHub, the company inadvertently triggered mass repository removals affecting thousands of unrelated projects, causing significant disruption across the open-source community. To complete the trifecta, researchers auditing the leaked source found three separate shell injection vulnerabilities, all sharing the same root cause: shell: true combined with unsanitised user input. For practitioners, the immediate priorities are blocking the malicious GitHub repos at the network or endpoint level, auditing any internal tooling built on or inspired by Claude Code, and treating the shell injection findings as a reminder that AI-adjacent codebases deserve the same scrutiny as anything else running with elevated privilege.

ShinyHunters Claims 3M+ Cisco Records — Deadline Today

ShinyHunters has claimed responsibility for exfiltrating more than three million Cisco records, asserting the data was accessed via Salesforce and AWS integrations. The group issued a public ultimatum with today — April 3 — as the deadline for Cisco to respond before a full public leak. ShinyHunters has a credible track record of following through on these threats, having previously leaked data from Ticketmaster, Santander, and others at scale. For security teams with Cisco vendor relationships or whose organisations appear in Cisco's CRM ecosystem, now is a good time to review what data Cisco holds on your behalf and monitor for credential exposure. The Salesforce and AWS vector, if confirmed, would once again highlight the risks of over-permissioned SaaS integrations as a lateral entry point into enterprise supply chains.

IRGC Linked to Targeted Strike on Oracle's Dubai Infrastructure

Iran's Islamic Revolutionary Guard Corps has been attributed to an attack on Oracle's Dubai data centre as part of a broader campaign targeting US cloud infrastructure in the region. The operation raises the stakes on cloud provider security posture in geopolitically sensitive hosting locations, and signals that state-level adversaries are now actively prioritising cloud infrastructure — not just endpoints or government networks — as strategic targets. For enterprises running workloads in Middle Eastern cloud regions, this is a timely prompt to review blast radius if a regional data centre were taken offline or partially compromised, and to ensure that cross-region redundancy assumptions actually hold under adversarial conditions rather than just hardware failure scenarios.


Nerdy Corner

Ditch the Vector DB, Build a Filesystem

Mintlify published a write-up this week on swapping out a traditional RAG pipeline in favour of a virtual filesystem for their AI documentation assistant — essentially giving the model a structured, navigable representation of docs rather than a bag of semantically similar chunks. It's a clever reframe: instead of asking "what does this text mean?" the system asks "where does this information live?" Whether it scales beyond documentation assistants is an open question, but it's a welcome sign that people are poking at RAG's limitations rather than just throwing more embeddings at them. Security tooling vendors building AI-assisted triage features, take note — your chunked CVE descriptions probably deserve better.