Weekly Cyber Threat Digest: Major Breaches, AI-Driven Attacks, and Critical Patch Alerts

Introduction

In the ever-evolving landscape of cybersecurity, the week of April 20th brought a series of significant incidents, from high-profile data breaches to sophisticated AI-powered attacks and urgent patch updates. This digest provides a comprehensive overview of the top events, highlighting key risks and protective measures for organizations and individuals alike.

Weekly Cyber Threat Digest: Major Breaches, AI-Driven Attacks, and Critical Patch Alerts — Source: research.checkpoint.com

Top Breaches and Attacks

Booking.com Confirms Unauthorized Access to Reservation Data

The Amsterdam-based travel giant Booking.com has confirmed a data breach in which unauthorized parties accessed reservation details tied to certain customers. Exposed information includes names, email addresses, phone numbers, physical addresses, and booking specifics. This leak significantly increases phishing risks for affected users. In response, the company has reset reservation PINs and notified impacted individuals.

McGraw-Hill Discloses Breach of 13.5 Million Accounts

Global educational publisher McGraw-Hill has reported a data breach following an extortion attempt after attackers compromised its Salesforce environment. The incident exposed data from approximately 13.5 million accounts, including names, email addresses, phone numbers, and physical addresses. Notably, no payment card information was compromised. The company is working to notify affected users and strengthen its security posture.

Supply Chain Compromise Hits WordPress Plugin Developer EssentialPlugin

EssentialPlugin, a firm specializing in WordPress plugins, suffered a supply chain attack that pushed malicious updates to over 30 of its plugins, affecting thousands of websites. The backdoored code enabled unauthorized access and creation of spam pages. Although WordPress.org has closed the affected plugins, infections may persist on sites that have not yet cleaned or updated their installations.

Basic-Fit Data Breach Exposes Bank Details of One Million Members

Basic-Fit, Europe’s largest gym chain, reported a data breach after attackers accessed a franchise-wide system used to track club visits. The incident exposed bank account details and personal data for roughly one million members across six countries. Critically, passwords and identity documents were not affected, but the financial data exposure remains a serious concern.

AI Threats

Lone Hacker Uses AI to Breach Nine Mexican Government Agencies

Researchers have revealed that a single malicious actor weaponized Claude Code and OpenAI’s GPT-4.1 to infiltrate nine Mexican government agencies. The AI-driven commands accelerated reconnaissance, executing a total of 5,317 actions across 34 sessions. The hacker accessed 195 million taxpayer records and 220 million civil records after bypassing safety filters through prompt manipulation and injection of a hacking manual.

Fake Claude Pro Installer Delivers PlugX Malware

A new phishing campaign impersonates Anthropic’s Claude AI by distributing a fake Claude Pro installer for Windows. The package displays a working application to distract victims while abusing a trusted program to sideload PlugX malware. This backdoor enables remote access and persistence on compromised systems.

Prompt Injection Hijacks AI Agents in GitHub Workflows

Researchers have demonstrated a novel prompt injection technique that targets AI agents used in GitHub workflows from major vendors. Malicious instructions hidden in pull request titles or comments can trick agents into running arbitrary commands and exposing repository secrets, such as access tokens and API keys, during automated development tasks.

Vulnerabilities and Patches

Active Exploitation of Apache ActiveMQ Vulnerability (CVE-2026-34197)

CISA has issued a warning about active exploitation of a critical code injection flaw in Apache ActiveMQ, tracked as CVE-2026-34197. This vulnerability, with a CVSS score of 8.8, allows remote code execution. Apache has addressed the issue in versions 5.19.4 and 6.2.3. Check Point IPS provides protection against this threat under signature Apache ActiveMQ Code Injection (CVE-2026-34197).

Splunk Releases Fix for High-Severity Vulnerability CVE-2026-20204

Splunk has rolled out patches for CVE-2026-20204, a high-severity vulnerability that could lead to remote code execution. Organizations using Splunk are advised to apply the updates immediately to mitigate risk.