Cybersecurity Editorial Brief — April 9, 2026

State-Sponsored Activity and Critical Infrastructure Under Pressure

The UK's National Cyber Security Centre issued an advisory warning that Russian state hacking group APT28 is exploiting vulnerabilities in TP-Link and MikroTik routers to facilitate credential theft and network infiltration. Simultaneously, U.S. agencies warned of ongoing attacks targeting internet-connected programmable logic controllers (PLCs) in critical infrastructure environments, highlighting persistent exposure of operational technology to external threats. The FBI's 2025 Internet Crime Report underscores the broader trend: U.S. cybercrime losses reached $21 billion, with ransomware attacks significantly outpacing traditional data breaches as the dominant threat vector.

AI in Cybersecurity: Dual-Use Concerns Emerge

Anthropic unveiled "Claude Mythos" and Project Glasswing, a frontier AI model designed to identify security vulnerabilities at scale. The company is restricting public access due to concerns the tool could enable sophisticated attacks if widely distributed, making it available only to vetted cybersecurity specialists. CrowdStrike's CEO echoed similar concerns, warning that AI-driven vulnerability discovery will likely trigger a surge in attacks as both defenders and adversaries gain capability. Meanwhile, a new variant of Chaos malware is exploiting misconfigured cloud deployments and now includes SOCKS proxy functionality, demonstrating how threat actors continue to evolve against cloud-native infrastructure.

Breaches Impact Healthcare and Financial Services

CareCloud disclosed a security incident in which attackers accessed systems storing electronic health records for over eight hours. Separately, Figure Technology confirmed a breach affecting nearly one million users following a social engineering attack attributed to the ShinyHunters group, resulting in 2.5 gigabytes of stolen data. At the local government level, a cyberattack on Winona County, Minnesota prompted Governor Tim Walz to authorize National Guard assistance after the incident significantly impaired emergency and municipal services.

Sources: Tom's Hardware · The Hacker News · Industrial Cyber · Industrial Cyber · The Guardian · Security Week · CNBC · WFIN · Top Class Actions · MPR News