cybr.cx | April 25, 2026

Critical Vulnerabilities

CVE-2026-41349 | OpenClaw (pre-2026.3.28) | CVSS 8.8
An agentic consent bypass in OpenClaw allows remote attackers to silently disable execution approval through the config.patch parameter, letting LLM agents perform unauthorized operations without user knowledge. If your infrastructure uses OpenClaw for agentic workflows, treat this as critical regardless of the published score — silent consent bypass in an AI execution layer is exactly the kind of vulnerability that gets weaponised quietly. Patch immediately to 2026.3.28 or later.

CVE-2026-41352 | OpenClaw (pre-2026.3.31) | CVSS 8.8
A second severe OpenClaw flaw allows any attacker holding device-pairing credentials to bypass the node scope gate and execute arbitrary commands on the host system. The node pairing validation is effectively non-functional, meaning the security boundary between paired devices and the host is meaningless. Update to 2026.3.31 and audit which credentials have been issued for device pairing.

CVE-2026-26150 | Microsoft Purview | CVSS 8.6
An SSRF vulnerability in Microsoft Purview enables unauthenticated network attackers to elevate privileges. SSRF in a data governance platform is particularly dangerous given Purview's deep integration with sensitive data stores across Microsoft 365 and Azure environments. Monitor for anomalous outbound requests from Purview instances and apply Microsoft's guidance as soon as patches are available.

CVE-2026-41353 | OpenClaw (pre-2026.3.22) | CVSS 8.1
The allowProfiles access control feature in OpenClaw can be bypassed through persistent profile mutation and runtime profile selection, allowing remote attackers to access restricted browser proxy profiles. This is a third distinct flaw in the same product — the pattern suggests a systemic access control problem in OpenClaw, not isolated bugs. A thorough architecture review is warranted beyond patching alone.

CVE-2026-5364 | Drag and Drop File Upload for Contact Form 7 (WordPress, ≤1.1.3) | CVSS 8.1
This WordPress plugin allows arbitrary file upload due to extension extraction occurring before sanitisation, and critically, the file type parameter is attacker-controlled rather than locked to administrator-configured values. The result is a straightforward webshell upload path on any site running the affected version. Disable or remove the plugin until a patched version is confirmed available.

CVE-2026-32172 | Microsoft Power Apps | CVSS 8.0
An uncontrolled search path element in Power Apps allows remote code execution over a network by an unauthorised attacker. Power Apps is widely deployed across enterprise environments for low-code business workflows, broadening the potential attack surface considerably. Prioritise patching in environments where Power Apps has access to internal data sources or elevated service accounts.

CVE-2026-6947 | D-Link DWM-222W USB Wi-Fi Adapter | CVSS 7.5
The DWM-222W lacks functional brute-force protection, allowing unauthenticated attackers on an adjacent network to run credential stuffing attacks against the device login without being rate-limited or locked out. While the CVSS score is slightly lower, physical adjacency requirements don't offer much comfort in shared office, hospitality, or OT environments. Restrict network exposure and replace devices where firmware fixes are unavailable.

Headline News

Chinese Espionage via Cisco Firewall Backdoor
A US federal agency has been compromised through a backdoor in Cisco firewall infrastructure, with the intrusion attributed to Chinese state-sponsored threat actors. The attackers leveraged the network perimeter device itself as the entry and persistence mechanism — a sobering reminder that the tools trusted to enforce boundaries are high-value targets. For defenders, this reinforces why network security appliances must be treated as critical attack surface: firmware integrity verification, management plane isolation, and lateral movement monitoring are non-negotiable. Federal agencies and any organisation running Cisco perimeter gear should review current advisory guidance, audit management access logs, and confirm they're running fully patched and verified firmware builds.

ShinyHunters Claim 1.4 Million Udemy Records
The prolific threat actor group ShinyHunters is threatening to publicly release data allegedly stolen from Udemy, claiming the cache contains 1.4 million records of private user information. ShinyHunters has a well-established track record of following through on leak threats, having previously been responsible for large-scale breaches at major platforms. For security teams, the immediate concern is credential exposure — a significant portion of Udemy's user base consists of IT and security professionals who may reuse passwords across corporate systems. Treat this as an active credential threat: enforce password resets for any accounts that share credentials with Udemy logins, and monitor for unusual authentication attempts against enterprise SSO and VPN infrastructure.

$292 Million KelpDAO Hack Triggers DeFi Coordination Response
A major exploit targeting KelpDAO has drained approximately $292 million, making it the largest crypto hack of 2026 to date and triggering an emergency coordination response across the DeFi ecosystem. Aave, Lido, and EtherFi are among the platforms mobilising to contain contagion, with Lido proposing a $5.8 million staked ETH allocation to help cover the shortfall. The attack surface in DeFi remains structurally problematic: composable smart contracts create cascading dependency chains where a single exploited protocol can rapidly destabilise interconnected platforms. For practitioners working in fintech or any organisation with exposure to DeFi infrastructure, this is a live case study in why third-party dependency risk in smart contract ecosystems demands the same scrutiny as any critical software supply chain.

Schrödinger's Feed

15-Bit ECC Key Broken on Quantum Hardware — Q-Day Prize Awarded

Project Eleven has awarded its Q-Day Prize — a one Bitcoin bounty — to Giancarlo Lelli for successfully breaking a 15-bit elliptic curve cryptography key on a publicly accessible quantum computer, the largest public demonstration of this attack class to date. To be clear, 15-bit is orders of magnitude smaller than the key sizes protecting real-world systems, and this is not an imminent threat to production RSA or ECDSA deployments. But the result is significant precisely because it's a real demonstration on real hardware, not a simulation — and quantum hardware capability has a history of advancing faster than conservative estimates. Practitioners should treat this as a calibration event: if your organisation hasn't started inventorying cryptographic dependencies and mapping a migration path to NIST-standardised post-quantum algorithms, the clock is ticking louder than it was yesterday.

/dev/random

San Francisco International Airport quietly removed roughly 90 minutes of daily noise — announcements, chimes, the full paging-system cacophony — and travellers apparently noticed immediately, describing the change as transformative. It turns out the airport had been running what amounts to a continuous low-grade denial-of-service attack on human attention for decades, and nobody had formally decided to stop. The security angle practically writes itself: if you want people to actually respond to critical alerts, maybe don't bury them in a constant stream of noise. A lesson airports learned in 2025 that SOC teams are still working through.