Vimeo breached and more - May 3, 2026

Featured

Vimeo has confirmed it was the victim of a data breach

The attackers were able to access customer and user data

This Week’s Updates

Breaches

Itron disclosed a cybersecurity incident in an SEC 8-K filing after an unauthorized third party accessed certain internal IT systems

Medtronic confirmed hackers breached its network and accessed data in certain corporate IT systems, after attackers claimed theft of 9 million records

ADT's breach by ShinyHunters exposed personal information of 5.5 million individuals, per Have I Been Pwned

Checkmarx confirmed the LAPSUS$ group leaked data stolen from its private GitHub repository

Instructure, maker of the Canvas learning platform, disclosed a cybersecurity incident and is investigating its impact

Vulnerabilities

Hackers are exploiting CVE-2026-42208, a critical pre-auth SQLi flaw in the LiteLLM open-source LLM gateway

CISA ordered federal agencies to patch a Windows vulnerability being actively exploited in zero-day attacks

GitHub patched CVE-2026-3854, a critical RCE flaw that could have given attackers access to millions of private repositories

Critical cPanel/WHM auth-bypass CVE-2026-41940, exploited as a zero-day since February and emergency-patched, is now being mass-exploited in "Sorry" ransomware attacks

Threats

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli npm package containing a credential-stealing payload capable of spreading to other projects

An attacker pushed a malicious version of the popular elementary-data PyPI package (11M monthly downloads) to steal sensitive developer data and cryptocurrency wallets

Multiple official SAP npm packages were compromised in a suspected TeamPCP supply-chain attack to steal credentials and authentication tokens from developers' systems
