This Month in Security: April 2026 - SharePoint Spoofing, Microsoft’s 167-CVE Patch Tuesday, Context AI/Vercel breach, and Fortinet EMS Mass Exploitation

April 30, 2026 - Jordan Darrah


April 2026 delivered one of the heaviest patch loads in recent memory, with Microsoft alone addressing 167 CVEs, including two zero-days, one of them actively exploited against SharePoint Server. Fortinet shipped emergency out-of-band fixes for a critical pre-authentication bypass in FortiClient EMS that was already being weaponized against honeypots before public disclosure, while Cisco patched three actively exploited Catalyst SD-WAN Manager flaws. CISA expanded its Known Exploited Vulnerabilities catalog four separate times during the month, and ransomware crews tore through healthcare, automotive analytics, and developer tooling supply chains. Capping the month, CISA released its Cross-Sector Cybersecurity Performance Goals (CPG) 2.0 framework, signaling a renewed federal push on governance and identity defense.

Critical Zero-Day Exploits

Threat actors zeroed in on collaboration platforms, endpoint management tools, and edge networking gear this month, with multiple flaws exploited before patches were broadly deployed.

  • Microsoft SharePoint Server Spoofing (CVE-2026-32201): An improper input validation flaw in SharePoint Server allowed unauthenticated network attackers to spoof identities and pivot deeper into enterprise document repositories. Microsoft confirmed in-the-wild exploitation, and CISA added the CVE to its KEV catalog on April 14, 2026 with a tight federal remediation deadline (Tenable).
  • Fortinet FortiClient EMS Pre-Auth Bypass (CVE-2026-35616): Rated CVSS 9.1, this pre-authentication API access bypass leads directly to privilege escalation on FortiClient Endpoint Management Server. WatchTowr Labs observed exploitation attempts against its honeypots starting March 31, before Fortinet’s out-of-band patch, and CISA mandated FCEB remediation by April 9, 2026 (The Hacker News).
  • Microsoft Defender Elevation of Privilege (CVE-2026-33825): A CVSS 7.8 local elevation-of-privilege flaw in the Microsoft Defender anti-malware platform. The bug matches the publicly described “BlueHammer” exploit, which surfaced on GitHub on April 3 and grants attackers SYSTEM-level control of compromised endpoints (BleepingComputer).
  • Cisco Catalyst SD-WAN Manager Flaws (CVE-2026-20122 / 20128 / 20133): Three actively exploited vulnerabilities in Cisco Catalyst SD-WAN Manager were added to CISA’s KEV catalog on April 20. Successful exploitation gives attackers footholds in network management planes, enabling lateral movement across enterprise WANs (CISA).
  • Fortinet FortiClient EMS SQL Injection (CVE-2026-21643): An unauthenticated SQL injection vulnerability allowing remote attackers to execute commands via crafted HTTP requests. Added to CISA’s KEV on April 13 alongside several other actively exploited flaws (Greenbone).

Notable Threats and Incidents

Ransomware operators and data-extortion crews maintained their tempo in April, with breaches affecting everything from hospitals to municipal IT and developer infrastructure providers.

  • GitHub Remote Code Execution: Wiz researchers discovered a remote code execution vulnerability in the backend of GitHub.com that allowed a user to execute code on GitHub.com using ordinary git commands. GitHub has patched its publicly facing infrastructure; GitHub Enterprise users are urged to upgrade immediately (Wiz).
  • Vercel / Context.ai Supply-Chain Breach: Attackers compromised OAuth tokens from Context.ai’s deprecated AI Office Suite and used them to pivot into Vercel’s systems, accessing environment variables for a subset of customers. Vercel confirmed no npm supply-chain tampering; affected customers should rotate all secrets (Vercel, Context.ai).
  • AI Agent Destroys Production Database (PocketOS/Cursor/Railway): A Cursor agent running Claude Opus 4.6 autonomously found an unscoped Railway API token in an unrelated file and issued a single volumeDelete GraphQL call, which wiped a production database and all volume-level backups in 9 seconds. The agent then wrote a confession listing every safety constraint it had violated (X/@lifeof_jer).
  • Autovista Ransomware Attack: UK-based automotive data analytics provider Autovista was hit by ransomware that took down its Eurotax, Schwacke, Glass’s, and Rødboka platforms across Europe and Australia, disrupting downstream pricing applications used by dealerships, insurers, and lenders (SharkStriker).
  • Qilin Ransomware Hits Higashiyama Industries: On April 17, the Qilin ransomware crew claimed exfiltration of more than 1.7 million transactional and customer records from Japanese manufacturer Higashiyama Industries, posting samples on its leak site to pressure payment (CYFIRMA).
  • Middlesex County Cyber Attack: On April 1, Middlesex County reported a cyber incident impacting town and public-safety systems, the latest in a string of municipal compromises that have exposed weaknesses in shared county-level IT infrastructure (BreachSense).
  • Healthcare Sector Onslaught: April produced a cluster of significant healthcare incidents, including the ANUBIS ransomware attack on Signature Healthcare on April 9, the Lynx group’s intrusion at ACN Healthcare on April 10, and a Hong Kong Hospital Authority insider-threat event affecting roughly 56,000 patients on April 3. Combined with the late-March CareCloud EHR breach, the cluster underscores both the scale and the structural exposure of healthcare technology supply chains (Zeron).
  • North Attleboro Public Schools Intrusion: The Massachusetts district detected suspicious network activity later confirmed as an intrusion. Like several other April incidents, the response forced offline operations and prompted a third-party forensic review (BreachSense).
  • Critical protobuf.js RCE (GHSA-xq3m-2v4x-88gg, CVSS 9.4): A critical RCE in protobuf.js allows code injection via maliciously crafted .proto schema type names, firing on the first message decode with no user interaction. Fixed in versions 7.5.5 / 8.0.1; check for transitive exposure via @grpc/proto-loader, Firebase, and Google Cloud SDKs with npm ls protobufjs (Endor Labs).
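The PocketOS incident above came down to an agent holding an unscoped token and nothing between it and a destructive mutation. The following is an added example, not code from the original post or from any of the vendors named in it: a small policy gate that a harness could run on every GraphQL document an agent tries to send. It extracts the top-level fields of the operation, treats a mutation as destructive if it names `volumeDelete` (the call from the incident) or matches a generic delete/destroy/drop naming heuristic, and refuses such calls unless a human has explicitly approved them. The heuristic, the `evaluateToolCall` shape and the sample documents are assumptions; the parser does not handle GraphQL directives or fragments.

```javascript
// Added example: a destructive-mutation gate for agent-issued GraphQL calls.
// Names and heuristics here are assumptions, not a vendor API.

// Exact mutation names known to be destructive. "volumeDelete" comes from the
// incident described in the article; extend with names from your own schema.
const DESTRUCTIVE_EXACT = new Set(["volumeDelete"]);

// Heuristic: fields like "deleteProject", "dropDatabase", "serviceDestroy".
function isDestructiveField(name) {
  return (
    DESTRUCTIVE_EXACT.has(name) ||
    /^(delete|destroy|drop|purge|remove|wipe)[A-Z_]/.test(name) ||
    /(Delete|Destroy|Drop|Purge|Remove|Wipe)$/.test(name)
  );
}

// Return the operation type; an anonymous "{ ... }" document is a query.
function operationType(doc) {
  const m = /^\s*(query|mutation|subscription)\b/.exec(doc);
  return m ? m[1] : "query";
}

// Collect field names at the top level of the operation's selection set.
// Arguments (inside parentheses), string literals and nested selection sets
// are skipped; aliases ("alias: field") resolve to the real field name.
function topLevelFields(doc) {
  const fields = [];
  let i = doc.indexOf("{");
  if (i < 0) return fields;
  let braces = 0;
  let parens = 0;
  while (i < doc.length) {
    const ch = doc[i];
    if (ch === "{") { braces++; i++; continue; }
    if (ch === "}") { braces--; i++; if (braces === 0) break; continue; }
    if (ch === "(") { parens++; i++; continue; }
    if (ch === ")") { parens--; i++; continue; }
    if (ch === '"') { // skip a string literal, honouring backslash escapes
      i++;
      while (i < doc.length && doc[i] !== '"') { if (doc[i] === "\\") i++; i++; }
      i++;
      continue;
    }
    if (braces === 1 && parens === 0 && /[A-Za-z_]/.test(ch)) {
      let j = i;
      while (j < doc.length && /[A-Za-z0-9_]/.test(doc[j])) j++;
      let name = doc.slice(i, j);
      let k = j;
      while (doc[k] === " ") k++;
      if (doc[k] === ":") { // alias form: "alias: realField"
        k++;
        while (doc[k] === " ") k++;
        let m = k;
        while (m < doc.length && /[A-Za-z0-9_]/.test(doc[m])) m++;
        name = doc.slice(k, m);
        j = m;
      }
      fields.push(name);
      i = j;
      continue;
    }
    i++;
  }
  return fields;
}

// Decide whether the agent may send this document. Queries pass; mutations
// pass unless they touch a destructive field, which needs explicit approval.
function evaluateToolCall({ document, approvedByHuman = false }) {
  const fields = topLevelFields(document);
  const type = operationType(document);
  if (type !== "mutation") return { allowed: true, reason: "read-only operation", fields };
  const destructive = fields.filter(isDestructiveField);
  if (destructive.length === 0) return { allowed: true, reason: "non-destructive mutation", fields };
  if (approvedByHuman) return { allowed: true, reason: `approved destructive fields: ${destructive.join(", ")}`, fields };
  return { allowed: false, reason: `destructive fields require human approval: ${destructive.join(", ")}`, fields };
}

// Constructed sample documents (not from the incident itself).
const SAMPLE_CALLS = [
  { document: 'query { project(id: "p1") { name } }' },
  { document: 'mutation { volumeDelete(volumeId: "vol_123") }' },
  { document: 'mutation Rename($n: String!) { projectUpdate(input: { name: $n }) { id } }' },
];
for (const call of SAMPLE_CALLS) console.log(evaluateToolCall(call));
```

Running the gate inside the tool-execution layer (not as a system-prompt instruction) is the point: the agent never gets to decide whether the rule applies.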

Policy and Framework Updates

Federal cyber agencies sharpened their guidance this month, doubling down on governance, identity defense, and operational resilience. Read why having, keeping, and maintaining AI policy and guidance documents is necessary here.

  • CISA Cross-Sector CPG 2.0 Released: CISA published version 2.0 of its Cross-Sector Cybersecurity Performance Goals, aligned to NIST CSF 2.0 and reorganized around the six functions of Govern, Identify, Protect, Detect, Respond, and Recover. The update introduces a dedicated governance component, removes redundant or underutilized goals, and provides clearer methodology and supporting materials for implementation across both IT and OT environments (CISA).
  • Aggressive KEV Catalog Expansion: CISA added vulnerabilities to its Known Exploited Vulnerabilities catalog four separate times in April: seven on April 13, two on April 14, eight on April 20, and four on April 24, covering Fortinet, Microsoft, Cisco, Adobe, PaperCut, JetBrains, Quest KACE, Synacor Zimbra, Samsung MagicINFO, SimpleHelp, and D-Link products. The cadence reflects sustained exploitation across both legacy and current enterprise software (The Hacker News).
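With KEV additions landing four times in one month, the practical question for a patch team is which open findings are on the catalog and how close their due dates are. This added example (not from the post or from CISA) joins a list of scanner findings per host against a KEV feed and ranks them by days until the required-action due date. The feed sample is constructed in the shape of CISA's JSON catalog (`vulnerabilities[]` with `cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate`, `knownRansomwareCampaignUse`); the `dateAdded` values and the April 9 due date for CVE-2026-35616 come from the article, while the other due dates, the host names and `CVE-2026-00000` are placeholders.

```javascript
// Added example: prioritise scanner findings against a KEV feed.
// Feed entries below are a constructed sample; only the CVE IDs, the
// dateAdded values and the 2026-04-09 due date are taken from the article.
const SAMPLE_KEV_FEED = {
  vulnerabilities: [
    { cveID: "CVE-2026-35616", vendorProject: "Fortinet", product: "FortiClient EMS",
      dateAdded: "2026-04-02", /* placeholder */ dueDate: "2026-04-09", knownRansomwareCampaignUse: "Unknown" },
    { cveID: "CVE-2026-21643", vendorProject: "Fortinet", product: "FortiClient EMS",
      dateAdded: "2026-04-13", dueDate: "2026-05-04", /* placeholder */ knownRansomwareCampaignUse: "Unknown" },
    { cveID: "CVE-2026-32201", vendorProject: "Microsoft", product: "SharePoint Server",
      dateAdded: "2026-04-14", dueDate: "2026-05-05", /* placeholder */ knownRansomwareCampaignUse: "Unknown" },
    { cveID: "CVE-2026-20122", vendorProject: "Cisco", product: "Catalyst SD-WAN Manager",
      dateAdded: "2026-04-20", dueDate: "2026-05-11", /* placeholder */ knownRansomwareCampaignUse: "Unknown" },
  ],
};

// Constructed scanner output: open CVEs per host. CVE-2026-00000 is a
// placeholder for a finding that is not on the catalog.
const SAMPLE_FINDINGS = [
  { host: "ems-01.example.internal", cves: ["CVE-2026-35616", "CVE-2026-21643"] },
  { host: "sp-01.example.internal", cves: ["CVE-2026-32201", "CVE-2026-00000"] },
];

const MS_PER_DAY = 86400000;

// Join findings against the catalog and sort by urgency (most overdue first).
function prioritizeKev(kevFeed, findings, today) {
  const byCve = new Map(kevFeed.vulnerabilities.map((v) => [v.cveID, v]));
  const todayMs = Date.parse(today); // "YYYY-MM-DD" parses as UTC midnight
  const hits = [];
  for (const finding of findings) {
    for (const cve of finding.cves) {
      const entry = byCve.get(cve);
      if (!entry) continue; // not on KEV: handled by the normal SLA, not this list
      const daysLeft = Math.round((Date.parse(entry.dueDate) - todayMs) / MS_PER_DAY);
      hits.push({
        host: finding.host,
        cveID: cve,
        product: `${entry.vendorProject} ${entry.product}`,
        dueDate: entry.dueDate,
        daysLeft,
        overdue: daysLeft < 0,
        ransomwareUse: entry.knownRansomwareCampaignUse === "Known",
      });
    }
  }
  hits.sort((a, b) => a.daysLeft - b.daysLeft);
  return hits;
}

// Render one line per hit for a ticket or daily report.
function formatHits(hits) {
  return hits.map((h) =>
    `${h.overdue ? "OVERDUE" : "due in " + h.daysLeft + "d"}  ${h.cveID}  ${h.product}  ${h.host}`
  );
}

const report = prioritizeKev(SAMPLE_KEV_FEED, SAMPLE_FINDINGS, "2026-04-30");
for (const line of formatHits(report)) console.log(line);
```

Pointing the same function at the live catalog download and a real scanner export is the only change needed for production use; the `ransomwareUse` flag is there so the ranking can also weight entries CISA marks as used in ransomware campaigns.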

April Patches and Vulnerabilities

  • Microsoft Patch Tuesday: Microsoft released fixes for 167 vulnerabilities, including two zero-days (CVE-2026-32201 in SharePoint and CVE-2026-33825 in Defender). Eight were rated Critical, making this one of the largest single Patch Tuesdays on record (BleepingComputer).
  • Elevation of Privilege Dominates: Of the 167 fixes, 93 (57%) addressed elevation-of-privilege flaws, with remote code execution and information disclosure tied at 20 patches each (12%). The mix reflects attackers’ continuing preference for chaining initial access with local privilege escalation rather than relying on a single RCE (Tenable).
  • Multi-Vendor Emergency Patching: Beyond Microsoft, April brought critical fixes from SAP (NetWeaver authorization checks), Adobe (Acrobat and Reader prototype-pollution flaws), Fortinet (FortiClient EMS pre-auth bypass and SQLi), and Cisco (Catalyst SD-WAN Manager). Multiple vendors aligned releases to Patch Tuesday week to ease coordination for enterprise patch teams (The Hacker News).

Key Takeaways for Staying Secure

  • Patch FortiClient EMS Immediately: CVE-2026-35616 was being exploited a week before Fortinet’s out-of-band patch. Treat any internet-facing FortiClient EMS instance as compromised until patched, and audit administrator accounts and integrations for anomalous activity.
  • Prioritize SharePoint and Identity Hardening: The CVE-2026-32201 spoofing zero-day exploits trust between SharePoint and downstream identity flows. Patch on-prem SharePoint Server urgently, restrict legacy authentication paths, and review conditional-access policies for collaboration workloads.
  • Aggressively Roll Out April’s Microsoft Updates: This Patch Tuesday carried 93 elevation-of-privilege fixes, and one of its zero-days was already weaponized as the BlueHammer exploit. Delaying deployment leaves endpoints trivially escalatable from any foothold an attacker establishes.
  • Audit Your Developer-Tooling Supply Chain: The Vercel/Context.ai compromise is the latest reminder that AI-adjacent and observability vendors hold deep credentials. Inventory third-party SaaS integrations in your build and deployment pipeline, rotate any credentials shared with vendors that disclosed incidents this month, and review OAuth grant scopes; the attack pivoted specifically through an “allow all” Google Workspace OAuth grant that gave the AI agent broad account permissions.
  • Patch protobuf.js and Treat Schemas as Code: GHSA-xq3m-2v4x-88gg (CVSS 9.4) affects any Node.js service that loads .proto schemas at runtime. Upgrade to protobuf.js 7.5.5 or 8.0.1 and run npm ls protobufjs to surface transitive dependencies via @grpc/proto-loader, Firebase, and Google Cloud SDKs. Beyond patching, extend your software composition analysis pipeline to cover .proto schema files and schema registries. Schema-loading endpoints are code-execution surfaces, not inert configuration.
  • Harden Ransomware Defenses: April’s healthcare cluster (Signature, ACN, CareCloud, Hong Kong Hospital Authority) spans EHR platforms, ransomware groups, and insider threats. Validate immutable backups, segment EHR networks, and rehearse downtime procedures for clinical operations.
  • Map Your Program to CPG 2.0: CISA’s refreshed framework now leads with Govern. Use the new release as an opportunity to reset board-level reporting, clarify cybersecurity accountability, and tie metrics to the six-function structure adopted by NIST CSF 2.0.
  • Build an AI Tool Guide Before Agents Touch Prod: The PocketOS database deletion is a concrete example of what happens without one. Agentic coding tools need their own governance documents covering token scoping, sandboxing, approved API surfaces, and explicit rules around destructive operations. System prompt warnings alone are not sufficient (Cloud Security Partners).
  • Review Your Security Posture: When needed, reach out to a trusted provider to review your security posture, like Cloud Security Partners. 
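The protobuf.js advice above ends with `npm ls protobufjs`, which prints a tree but leaves the version comparison to the reader. The following is an added example, not code from the post or from the protobuf.js project: it takes the JSON form of that command's output (`npm ls protobufjs --json`), walks the dependency tree, and classifies every `protobufjs` copy against the fixed versions the article cites (7.5.5 and 8.0.1). It assumes that 7.x below 7.5.5 and 8.x below 8.0.1 are affected and flags any other major line for manual review against the advisory rather than guessing. The tree sample is constructed in the shape of `npm ls --json` output, and `legacy-tool` is a placeholder package name.

```javascript
// Added example: audit an npm dependency tree for vulnerable protobufjs copies.
// Fixed versions (7.5.5 / 8.0.1) are from the article; the tree is a constructed
// sample shaped like `npm ls protobufjs --json` output, not real project data.
const SAMPLE_NPM_LS = {
  name: "example-service",
  version: "1.0.0",
  dependencies: {
    "@grpc/proto-loader": {
      version: "0.7.13",
      dependencies: { protobufjs: { version: "7.4.0" } },
    },
    "legacy-tool": { // placeholder package pulling an older major line
      version: "2.0.0",
      dependencies: { protobufjs: { version: "6.11.4" } },
    },
    protobufjs: { version: "8.0.1" },
  },
};

// Fixed versions per major line, as stated in the advisory summary.
const FIXED_BY_MAJOR = { 7: [7, 5, 5], 8: [8, 0, 1] };

// "7.4.0-beta.1" -> [7, 4, 0]; pre-release tags are ignored for the comparison.
function parseSemver(version) {
  return version.split("-")[0].split(".").map((n) => parseInt(n, 10) || 0);
}

function compareSemver(a, b) {
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return (a[i] || 0) < (b[i] || 0) ? -1 : 1;
  }
  return 0;
}

// "vulnerable" | "fixed" | "review" (major line not covered by the stated fixes).
function classifyProtobufjs(version) {
  const v = parseSemver(version);
  const fixed = FIXED_BY_MAJOR[v[0]];
  if (!fixed) return "review";
  return compareSemver(v, fixed) < 0 ? "vulnerable" : "fixed";
}

// Depth-first walk collecting every occurrence of `name` with its path.
function findPackage(tree, name, path = [], out = []) {
  for (const [depName, node] of Object.entries(tree.dependencies || {})) {
    const here = [...path, depName];
    if (depName === name && node.version) {
      out.push({ path: here.join(" > "), version: node.version });
    }
    findPackage(node, name, here, out);
  }
  return out;
}

function auditProtobufjs(npmLsJson) {
  return findPackage(npmLsJson, "protobufjs").map((hit) => ({
    ...hit,
    status: classifyProtobufjs(hit.version),
  }));
}

for (const hit of auditProtobufjs(SAMPLE_NPM_LS)) {
  console.log(`${hit.status.padEnd(10)} protobufjs@${hit.version}  via ${hit.path}`);
}
```

To run it against a real project, pipe `npm ls protobufjs --json --all` into the script and parse it with `JSON.parse` in place of `SAMPLE_NPM_LS`; a "vulnerable" hit under `@grpc/proto-loader` is exactly the transitive case the takeaway warns about, and the fix is usually an `overrides` entry or a bump of the parent package rather than editing the lockfile by hand.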

About the Author

Jordan Darrah is a Security Consultant at Cloud Security Partners. Jordan's interest in IT started when she was working as a menswear fashion designer and bridal seamstress. Since then, she has built a diverse technical background spanning hardware repair, systems administration, regulatory compliance, and penetration testing.

Currently, Jordan specializes in application and cloud security assessments, where she evaluates system vulnerabilities and conducts penetration tests. Jordan holds multiple industry certifications, including CISSP, eJPT, and CompTIA PenTest+. She also runs an OSCP study group and maintains a blog where she breaks down concepts and tools for new security professionals.
