UK could face ‘hacktivist attacks at scale’, says head of security agency
The head of the UK’s National Cyber Security Centre warned that a conflict scenario could trigger large-scale hacktivist attacks with effects similar to major ransomware incidents, but without the option of paying to recover. He also tied the risk outlook to rising geopolitical tension and faster AI-driven vulnerability discovery, framing this as a resilience issue for both public- and private-sector organizations.
CISA flags new SD-WAN flaw as actively exploited in attacks
CISA added CVE-2026-20133 in Cisco Catalyst SD-WAN Manager to its Known Exploited Vulnerabilities catalog and gave federal agencies until April 24 to remediate. Cisco says the bug can let an unauthenticated attacker access sensitive information through the API on unpatched systems, making this a practical patch-now issue for organizations running exposed or critical SD-WAN infrastructure.
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
ESET says a newly described China-linked group called GopherWhisper compromised at least 12 systems in one Mongolian government institution and likely hit additional victims as well. What stands out is the group’s command-and-control tradecraft, which used multiple cloud and collaboration services including Outlook, Slack, Discord, and file.io to support espionage activity and make tracking more difficult.
North Korean hackers siphon more than $12 million from crypto users in sprawling campaign
Incident responders linked a broad malware campaign to North Korean actors and said the operation stole up to $12 million in cryptocurrency during the first three months of 2026. The campaign targeted Web3 developers with fake job offers, used AI to help build fake companies and LinkedIn personas, and deployed malware that could exfiltrate credentials from password managers and macOS Keychain.
Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
At-Bay’s 2026 InsurSec Report says overall cyber claim frequency rose 7% year over year, with average claim severity reaching a record $221,000. The report also says ransomware remained the most expensive incident type at an average severity of $508,000, while remote access services were the entry point for 87% of ransomware claims in 2025, reinforcing how much risk is still concentrated in externally accessible access paths.
The post InfoSec News Nuggets 04/24/2026 appeared first on AboutDFIR – The Definitive Compendium Project.