1. Drift Protocol Suffers $285 Million Heist in Sophisticated Smart Contract Attack
Solana-based decentralized exchange Drift confirmed that attackers drained approximately $285 million from the platform on April 1, 2026, through a novel attack exploiting durable nonces that gave the attackers multi-week preparation time and enabled staged execution. The breach resulted in attackers gaining control of Drift’s Security Council administrative powers, and it represents one of the largest cryptocurrency platform compromises of the year. Security researchers attribute the attack’s sophistication to careful planning and a deep understanding of the platform’s architecture.
[SecurityWeek]
2. Cisco Releases Patch for Critical IMC Vulnerability with 9.8 CVSS Score
Cisco released urgent updates addressing a critical security flaw in the Integrated Management Controller (IMC) tracked as CVE-2026-20093 with a severity score of 9.8, allowing unauthenticated remote attackers to bypass authentication and gain elevated privileges. The vulnerability affects a wide range of Cisco infrastructure products and poses an immediate risk to enterprises worldwide. Organizations are urged to apply patches immediately to prevent potential unauthorized access to critical systems.
[BleepingComputer]
3. Anthropic Claude Code Source Code Leak Exploited to Distribute Vidar Malware
Anthropic accidentally leaked source code for the Claude Code CLI tool on April 2, 2026, and threat actors quickly capitalized by creating fake GitHub repositories that deliver the Vidar information-stealing malware. The malware targets developers and security researchers actively using Claude Code, demonstrating how supply chain vulnerabilities can be weaponized within hours. This incident highlights the critical importance of secure code handling and rapid incident response in the developer community.
[SecurityWeek]
4. EU Attributes Commission Cloud Hack to TeamPCP Threat Group
The European Union’s Cybersecurity Service attributed the European Commission’s cloud infrastructure breach to the TeamPCP threat group, which compromised sensitive data from at least 29 other Union entities across multiple government agencies. The attack on the EU’s central cloud infrastructure represents a significant geopolitical security incident affecting critical government operations. Investigation details suggest sophisticated nation-state-level capabilities in the attack’s execution and persistence mechanisms.
[Cybersecurity Dive]
5. SparkCat Malware Discovered on Apple App Store and Google Play, Targeting Crypto Users
Cybersecurity researchers identified a new strain of the SparkCat malware concealed within seemingly benign applications on both the Apple App Store and Google Play Store, designed to scan victims’ photo galleries for cryptocurrency wallet recovery phrases. The malware primarily targets cryptocurrency users in Asia, exploiting the common practice of storing wallet backups as photos. This incident demonstrates how threat actors are evolving to blend malicious functionality into legitimate-appearing apps, bypassing app store security reviews.
[Cybernews]
