██████╗██╗   ██╗██████╗ ██████╗     ██████╗██╗  ██╗
 ██╔════╝╚██╗ ██╔╝██╔══██╗██╔══██╗   ██╔════╝╚██╗██╔╝
 ██║      ╚████╔╝ ██████╔╝██████╔╝ ● ██║      ╚███╔╝ 
 ██║       ╚██╔╝  ██╔══██╗██╔══██╗   ██║      ██╔██╗ 
 ╚██████╗   ██║   ██████╔╝██║  ██║   ╚██████╗██╔╝ ██╗
  ╚═════╝   ╚═╝   ╚═════╝ ╚═╝  ╚═╝    ╚═════╝╚═╝  ╚═╝
────────────────────────────────── STAY SHARP ───

OpenHarness Flaw Lets Remote Users Seize Admin Control

Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. April 16, 2026

cybr.cx Daily Digest — April 16, 2026


Critical Vulnerabilities

CVE-2026-40502 | OpenHarness | CVSS 8.8
Remote gateway users with chat access can inject administrative commands, including full permission grants, because the gateway handler draws only a weak line between local-only commands and commands that are safe to accept remotely. If your deployment exposes the OpenHarness chat interface externally, treat this as critical regardless of the CVSS score. Patch to commit dd1d235 or later immediately; until you can, keep the chat gateway off untrusted networks.

CVE-2026-6348 | WinMatrix Agent (Simopro Technology) | CVSS 8.8
A missing authentication check in the WinMatrix agent allows any authenticated local attacker to execute arbitrary code as SYSTEM, not just on the compromised host but on every machine in the environment where the agent is deployed. The lateral movement potential is severe: one low-privilege account becomes SYSTEM fleet-wide. Pull the agent or apply vendor mitigations before this becomes your next incident.

CVE-2023-3634 | Festo MSE6 Family | CVSS 8.8
A hidden test mode in Festo's MSE6 industrial controllers can be reached by any remote, authenticated, low-privileged user, with complete loss of confidentiality, integrity and availability as the result. OT/ICS environments should treat this as a priority: undocumented functionality in industrial hardware is a threat actor's dream, and because the exploit needs only low-privileged credentials, network segmentation matters more than password hygiene here. Check your Festo estate now.

CVE-2026-3614 | AcyMailing Plugin for WordPress (≤10.8.1) | CVSS 8.8
A missing capability check on the plugin's AJAX handler lets subscriber-level WordPress users reach admin-only controllers, manipulate configuration and enable autologin features. This is the textbook WordPress bug, an AJAX action wired up without a current_user_can() check, and with AcyMailing widely deployed across marketing-heavy sites it is a straightforward privilege escalation with a low bar to exploit. Update to 10.8.2 or later.

CVE-2026-1620 | Livemesh Addons for Elementor (≤9.0) | CVSS 8.8
Insufficient sanitisation of the template name parameter, which relies on a str_replace() that a single pass cannot make safe, lets authenticated attackers perform local file inclusion through traversal sequences that survive the filter. Remote code execution is a realistic next step depending on server configuration. Update immediately.
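To make that failure mode concrete, here is an added example (not the Livemesh code, which the advisory does not quote) in Python: php_style_strip() mirrors what a single-pass str_replace('../', '', $name) does, unsafe_resolve() builds a path from it the way a vulnerable include would, and safe_resolve() shows the hardened alternative, an allowlisted name plus a containment check. The base directory and template names are hypothetical.

```python
import os
import re

# Hypothetical plugin template directory (not any real plugin's layout).
BASE_DIR = "/var/www/html/wp-content/plugins/example-plugin/templates"


def php_style_strip(name: str) -> str:
    """Mimic PHP's str_replace('../', '', $name).

    Both str_replace and Python's str.replace make one left-to-right pass and
    never re-scan what they produced, so '....//' collapses to '../'.
    """
    return name.replace("../", "")


def unsafe_resolve(base_dir: str, name: str) -> str:
    """The vulnerable pattern: strip traversal tokens, then build the path.

    normpath stands in for what the OS does when PHP include()s the path.
    """
    cleaned = php_style_strip(name)
    return os.path.normpath(os.path.join(base_dir, cleaned + ".php"))


def within_base(base_dir: str, candidate: str) -> bool:
    """True only if candidate lies inside base_dir.

    commonpath is used rather than startswith so that a sibling directory such
    as '.../templates2/x.php' is not mistaken for something under '.../templates'.
    """
    base = os.path.normpath(base_dir)
    return os.path.commonpath([base, os.path.normpath(candidate)]) == base


# Allowlist: template names are short identifiers, nothing else.
TEMPLATE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")


def safe_resolve(base_dir: str, name: str) -> str:
    """Hardened resolver: allowlist the name, then verify containment anyway.

    In production resolve with os.path.realpath (which follows symlinks) before
    the containment check; normpath is used here so the example runs without
    the directory existing.
    """
    if not TEMPLATE_NAME.fullmatch(name):
        raise ValueError(f"rejected template name: {name!r}")
    candidate = os.path.normpath(os.path.join(base_dir, name + ".php"))
    if not within_base(base_dir, candidate):
        raise ValueError(f"template escapes base directory: {candidate}")
    return candidate


def is_accepted(base_dir: str, name: str) -> bool:
    """Convenience wrapper: does the hardened resolver accept this name?"""
    try:
        safe_resolve(base_dir, name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # One '....//' per directory level between BASE_DIR and '/'.
    payload = "....//" * 7 + "etc/passwd"
    print("after str_replace:", php_style_strip(payload))
    print("vulnerable resolves to:", unsafe_resolve(BASE_DIR, payload))  # /etc/passwd.php
    print("hardened accepts 'single-post':", is_accepted(BASE_DIR, "single-post"))
    print("hardened accepts payload:", is_accepted(BASE_DIR, payload))
```

The point of the allowlist is that there is nothing to bypass: a name that is only letters, digits, hyphens and underscores cannot contain a separator at all. The containment check is defence in depth for the day someone loosens the regex.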

CVE-2026-22676 | Barracuda RMM (<2025.2.2) | CVSS 7.8
Overly permissive ACLs on C:\Windows\Automation allow local attackers to plant or modify files that the RMM agent later executes as NT AUTHORITY\SYSTEM. RMM tools are already high-value targets, and this makes a local foothold on any managed host a fast path to SYSTEM, with the domain compromise that usually follows. To check a host, run icacls C:\Windows\Automation and look for write or modify rights granted to Users, Authenticated Users or Everyone. Upgrade to 2025.2.2.

CVE-2026-6351 | Openfind MailGates/MailAudit | CVSS 7.5
An unauthenticated CRLF injection vulnerability lets remote attackers read arbitrary system files with no credentials at all. Mail security appliances sit on the network perimeter by design, so a pre-auth file read on one is a serious exposure. Apply vendor patches without delay.


Headline News

WordPress Plugin Supply Chain Compromise Hits Thousands of Sites
More than 30 plugins bundled in the EssentialPlugin suite have been found carrying malicious code that grants attackers unauthorised backend access to any WordPress site running them. The scale is significant: plugin repositories remain a high-leverage attack surface because site owners routinely trust a packaged suite without auditing its individual components. If you manage WordPress infrastructure, list what is installed (wp plugin list from WP-CLI does this in one line), compare it against the affected list, rotate credentials, and review server logs for signs of unauthorised access. Third-party plugin trust is effectively transitive: you are trusting every developer in the chain.

PlugX Malware Distributed via Fake Claude AI Installer
A campaign targeting Windows users is spreading PlugX, a remote access trojan with a long history in state-linked espionage operations, through a convincing fake installer that mimics Anthropic's Claude AI application. The malware uses DLL sideloading for persistent access, a well-worn technique that still evades signature-based defences with minimal effort. Abusing a legitimate AI brand is a calculated choice: demand for AI tools is high, users are downloading unfamiliar executables, and the urge to try new software overrides caution. Practitioners should reinforce application allowlisting and make sure endpoint telemetry covers DLL load events (Sysmon Event ID 7, or the equivalent in your EDR); sideloading leaves a trail if you know where to look.
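What that trail looks like, as an added example that is not from the original report: a small Python detector run over constructed records in the shape of Sysmon Event ID 7 (Image loaded). The heuristic flags a process that loads an unsigned DLL from its own directory when that directory is user-writable, which is the shape a dropped installer plus sideloaded DLL produces. The file names, paths and signer strings in the sample are invented, and the heuristic will also fire on legitimate unsigned software run from a profile directory, so treat hits as triage leads, not verdicts.

```python
import json
import ntpath

# Constructed records in the shape of Sysmon Event ID 7 (Image loaded), one
# JSON object per line. Invented for this example, not real telemetry; paths,
# file names and signers are placeholders. The last line is an Event ID 1
# (process create) record included to show that non-load events are skipped.
SAMPLE_EVENTS = r"""
{"EventID": 7, "Image": "C:\\Users\\alice\\Downloads\\ClaudeSetup\\setup.exe", "ImageLoaded": "C:\\Users\\alice\\Downloads\\ClaudeSetup\\version.dll", "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"}
{"EventID": 7, "Image": "C:\\Users\\alice\\Downloads\\ClaudeSetup\\setup.exe", "ImageLoaded": "C:\\Windows\\System32\\kernel32.dll", "Signed": "true", "Signature": "Example OS Vendor", "SignatureStatus": "Valid"}
{"EventID": 7, "Image": "C:\\Program Files\\ExampleVendor\\app.exe", "ImageLoaded": "C:\\Program Files\\ExampleVendor\\helper.dll", "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"}
{"EventID": 7, "Image": "C:\\Users\\alice\\AppData\\Local\\Temp\\build\\tool.exe", "ImageLoaded": "C:\\Users\\alice\\AppData\\Local\\Temp\\build\\runtime.dll", "Signed": "true", "Signature": "Example Runtime Vendor", "SignatureStatus": "Valid"}
{"EventID": 1, "Image": "C:\\Users\\alice\\Downloads\\ClaudeSetup\\setup.exe"}
"""


def _components(path: str) -> list:
    """Lower-cased path components after the drive; ntpath parses Windows
    paths correctly even when this script runs on Linux."""
    _drive, rest = ntpath.splitdrive(ntpath.normcase(path))
    return [p for p in rest.split("\\") if p]


def is_user_writable(path: str) -> bool:
    """Heuristic: anything under \\Users\\ or \\Windows\\Temp\\ is writable by
    a standard user and therefore a plausible drop location."""
    parts = _components(path)
    if not parts:
        return False
    if parts[0] == "users":
        return True
    return parts[:2] == ["windows", "temp"]


def _same_directory(a: str, b: str) -> bool:
    return ntpath.normcase(ntpath.dirname(a)) == ntpath.normcase(ntpath.dirname(b))


def detect_sideloading(jsonl: str) -> list:
    """Return one finding per Event ID 7 record where a process loads an
    unsigned DLL from its own directory and that directory is user-writable."""
    findings = []
    for line in jsonl.splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        if event.get("EventID") != 7:
            continue
        exe, dll = event["Image"], event["ImageLoaded"]
        unsigned = str(event.get("Signed", "")).lower() != "true"
        if unsigned and _same_directory(exe, dll) and is_user_writable(dll):
            findings.append({
                "process": exe,
                "dll": dll,
                "reason": "unsigned DLL loaded from the process's own user-writable directory",
            })
    return findings


if __name__ == "__main__":
    for hit in detect_sideloading(SAMPLE_EVENTS):
        print(f"SIDELOAD? {hit['process']} loaded {hit['dll']}: {hit['reason']}")
```

Of the four load events only the first matches: the unsigned DLL under Program Files is skipped because a standard user cannot write there, and the DLL in the Temp build directory is skipped because it is signed. In production you would add an allowlist of known-good unsigned DLLs per application and correlate the hit with the Event ID 1 record that created the process.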

Two Americans Sentenced in North Korean IT Worker Revenue Scheme
Two US nationals have been sentenced for their roles in a scheme that funnelled approximately $5 million to North Korea by placing fake IT workers inside American companies. The operation exploited remote hiring practices, using fraudulent identities to pass vetting and secure employment, with the earnings routed to DPRK-linked programmes. The case underscores that the North Korean IT worker threat is not theoretical: it has already penetrated organisations, generated significant revenue, and likely produced insider access that extends well beyond payroll fraud. Security teams and HR departments should revisit identity verification for remote hires, particularly for roles with privileged system access.


Schrödinger's Feed

52-Qubit Quantum Fourier Transform Executed on IBM Heron
ParityQC has demonstrated the Quantum Fourier Transform (QFT), the algorithmic building block at the heart of Shor's algorithm for breaking RSA and elliptic-curve cryptography, across 52 qubits on IBM's Heron r3 processor. This is not a cryptographically threatening result, and one caveat deserves stating plainly: the QFT is not the expensive part of Shor's algorithm. It needs only O(n²) gates, and the modular exponentiation that precedes it dominates the circuit, so a 52-qubit QFT says more about gate fidelity and engineering maturity than about how close anyone is to factoring RSA-2048. It is still a meaningful milestone. Meanwhile, a Vanderbilt Quantum Forum panel this week made the point that the harvest now, decrypt later threat may already be past tense: the data collection has happened and the clock is running. Practitioners who have not begun migrating to the NIST-standardised post-quantum algorithms (ML-KEM in FIPS 203, ML-DSA in FIPS 204, SLH-DSA in FIPS 205) should treat 52-qubit QFT demonstrations as a scheduling prompt, not a distant warning.
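To show what the QFT actually is and why it is the cheap part, here is an added example (not ParityQC's or IBM's code): a pure-Python state-vector simulation of the textbook QFT circuit, Hadamards plus controlled phase rotations followed by a qubit-order reversal, checked against the QFT's definition as a unitary discrete Fourier transform. The qubit convention (qubit 0 is the most significant bit) and the gate_count() formula for an exact, unapproximated QFT are the author's choices for this example.

```python
import cmath
import math

SQRT2 = math.sqrt(2.0)


def basis_state(n: int, x: int) -> list:
    """|x> on n qubits; qubit 0 is the most significant bit of x."""
    v = [0j] * (1 << n)
    v[x] = 1 + 0j
    return v


def hadamard(state: list, n: int, q: int) -> list:
    """Apply H to qubit q (q = 0 is the MSB) of an n-qubit state vector."""
    b = n - 1 - q
    out = list(state)
    for i in range(len(state)):
        if not (i >> b) & 1:
            j = i | (1 << b)
            a, c = state[i], state[j]
            out[i] = (a + c) / SQRT2
            out[j] = (a - c) / SQRT2
    return out


def controlled_phase(state: list, n: int, control: int, target: int, m: int) -> list:
    """Apply R_m = diag(1, exp(2*pi*i / 2**m)) to `target`, conditioned on `control`.
    The gate is symmetric, so the phase applies wherever both bits are 1."""
    phase = cmath.exp(2j * math.pi / (1 << m))
    bc, bt = n - 1 - control, n - 1 - target
    return [amp * phase if ((i >> bc) & 1 and (i >> bt) & 1) else amp
            for i, amp in enumerate(state)]


def reverse_qubits(state: list, n: int) -> list:
    """The closing SWAP network: basis index i moves to its bit-reversal."""
    out = [0j] * len(state)
    for i, amp in enumerate(state):
        out[int(format(i, f"0{n}b")[::-1], 2)] = amp
    return out


def qft_circuit(state: list, n: int) -> list:
    """Textbook QFT circuit (Nielsen & Chuang, fig. 5.1), simulated exactly."""
    for j in range(n):
        state = hadamard(state, n, j)
        for k in range(j + 1, n):
            state = controlled_phase(state, n, control=k, target=j, m=k - j + 1)
    return reverse_qubits(state, n)


def qft_by_definition(state: list, n: int) -> list:
    """QFT as a unitary DFT: |x> -> 1/sqrt(N) * sum_y exp(2*pi*i*x*y/N) |y>."""
    N = 1 << n
    w = cmath.exp(2j * math.pi / N)
    return [sum(w ** (x * y) * state[x] for x in range(N)) / math.sqrt(N)
            for y in range(N)]


def max_abs_diff(a: list, b: list) -> float:
    return max(abs(u - v) for u, v in zip(a, b))


def gate_count(n: int) -> tuple:
    """(Hadamards, controlled rotations, swaps) for an exact n-qubit QFT."""
    return n, n * (n - 1) // 2, n // 2


if __name__ == "__main__":
    n = 3
    worst = max(max_abs_diff(qft_circuit(basis_state(n, x), n),
                             qft_by_definition(basis_state(n, x), n))
                for x in range(1 << n))
    print(f"{n}-qubit circuit vs. DFT definition, worst amplitude error: {worst:.2e}")
    print("exact 52-qubit QFT gate count (H, CPhase, SWAP):", gate_count(52))  # (52, 1326, 26)
```

At 52 qubits an exact QFT is about 1,400 gates, and real implementations drop the smallest rotations to get well under that. The modular-exponentiation stage of Shor's algorithm is where the millions of gates live, which is why a clean QFT demonstration is good news about hardware quality without moving the date on which RSA falls.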


/dev/random

Cloudflare has unveiled an AI inference platform purpose-built for autonomous agents: essentially a layer designed so that AI systems can call other AI systems at scale, with Cloudflare sitting in the middle of all of it. The security implications of agents making requests on behalf of other agents through a centralised inference broker are left as an exercise for the reader. It does raise a genuinely interesting question: when your WAF starts blocking traffic generated by an AI that was itself instructed by another AI, who exactly files the support ticket? The agentic future is arriving, and the blast radius of a misconfigured prompt just got a lot more interesting.