
Cyber Security Report - April 2026


Research by the OSINT Monitoring Team, NTT Security Japan K.K.




Page Summary

This report selects and summarizes three topics we consider particularly important among the information security incidents and events of April 2026, together with the changes in the environment surrounding them. Each topic is summarized below.


Chapter 1: The Impact of Mythos


  • Mythos is Anthropic's latest AI model. Compared with earlier models it is markedly better at finding security flaws, including zero-day vulnerabilities, and it can pursue an assigned objective autonomously, by trial and error, without human intervention.

  • Anthropic has withheld general release because of the risk that this capability will be misused. It has also launched "Project Glasswing", which limits Mythos to a small number of organizations and promotes its use in vulnerability discovery for defensive purposes.

  • Few companies can respond immediately and effectively to the change in vulnerability handling that Mythos brings, but the importance of vulnerability response, patching above all, is expected to grow, and organizations should prepare for it by following the related developments.


Chapter 2: Russian government-affiliated APT28 exploits SOHO routers to conduct espionage activities


  • The UK's National Cyber Security Centre and the U.S. Department of Justice announced that the Russian state-sponsored threat group "APT28" had compromised home and small-office routers (SOHO routers) around the world, rewritten their DNS settings, and redirected users to fake sites.

  • APT28 is believed to have used credentials harvested on those fake sites to access data in the cloud environments of U.S. military and government organizations and collect sensitive information.

  • This case shows that the abuse of perimeter devices outside corporate control can reach as far as cloud authentication infrastructure.


Chapter 3: Cyber Attacks on Italian Flood Control Systems


  • On April 4, the hacktivist group "Infrastructure Destruction Squad" issued a statement claiming to have infiltrated an Italian flood control system.

  • The group backed its claim by publishing images of control screens and similar material, suggesting access to a live operating environment, but no damage was confirmed.

  • This case shows that OT systems have become a real target for a broad range of attackers, and that an attack can be built around social and psychological impact whether or not it causes physical damage.



Mythos Shock


1.1. Outline

On April 7, 2026, Anthropic announced its new AI model "Claude Mythos Preview" (hereinafter "Mythos"). It is a general-purpose model rather than one specialized for a particular field, and is characterized by its ability to form a hypothesis about a situation and then autonomously verify and retry it. During development it was found to perform very well at software analysis, especially vulnerability discovery, which in turn raised concerns that this capability could be misused. The company therefore restricted release of the model and launched "Project Glasswing", a defensively oriented vulnerability discovery project.


1.2. About Anthropic

Anthropic is an AI company founded by former OpenAI members; its general-purpose AI "Claude" draws attention alongside OpenAI's "ChatGPT" and Google's "Gemini". Its coding agent "Claude Code", built on Claude, has greatly improved software development efficiency, and there was considerable interest in what the company's next model would be. Mythos was developed against this backdrop.


1.3. Mythos' vulnerability detection ability revealed during development

During pre-release testing, Mythos demonstrated extremely high capability in cybersecurity. It found thousands of critical security flaws, including unpatched (zero-day) vulnerabilities. Anthropic stated, "We found that [Mythos] has the ability to identify and exploit zero-day vulnerabilities in all major operating systems and web browsers." Compared with "Claude Opus 4.6", until then regarded as the industry's highest-performing model, Mythos is far better not only at finding vulnerabilities but also at generating exploits (attack code). [1]


One example of Mythos' capability is the creation of exploits for known vulnerabilities in Firefox (since fixed in Firefox 148). Mythos, the "Claude Opus 4.6" mentioned above and its smaller sibling "Claude Sonnet 4.6" [2] were each given several Firefox vulnerabilities and instructed to write exploits for them.


Across 250 attempts, Claude Opus 4.6 produced two working exploits and Claude Sonnet 4.6 none. Mythos produced 181, a success rate of 72.4% (see Figure 1).


Figure 1: Firefox JS shell exploitation (exploit success of Mythos compared with other models)

According to Anthropic, however, Mythos was not explicitly trained on security tasks. It received no specific instructions from humans; the ability to write exploits emerged on its own from Mythos reasoning and writing code, then iterating through trial, error and improvement. Other AI models rely on repeated human interaction (the model executes a human's instruction and returns a result, the human revises the instruction and sends it again), whereas Mythos autonomously runs its own PDCA cycle (plan, do, check, act) to accomplish the assigned objective.



1.4. Capabilities beyond expectations


Exploit details posted publicly after a sandbox escape

In Anthropic's internal testing during development, Mythos was instructed to escape from a securely isolated sandbox (an isolated environment with limited internet connectivity in which only a small number of services are reachable) and send a message to the researchers. Mythos built a multi-stage exploit and escaped the sandbox. It then also gained internet access and delivered the message to the researchers as instructed. A problem arose after that: Mythos had posted details of the exploit on several websites. Anthropic says the sites are hard to find but are publicly accessible, and that the posting was an action that deviated from the company's instructions. All of this happened while the researcher who had given Mythos the instruction was on a break, eating a sandwich in a park.


Exploiting vulnerabilities in the Linux kernel to escalate privileges


Mythos also discovered multiple vulnerabilities in the Linux kernel, the core of the Linux operating system that manages the hardware. What is striking is that Mythos autonomously chained these vulnerabilities into a privilege escalation exploit: starting from ordinary user access, the exploit it built from the combined vulnerabilities sought to seize full control of the machine.


1.5. The Mythos commotion


Anthropic, concerned about the dangers of Mythos, hesitated to release the model, but on March 26, 2026, confidential information about Mythos' capabilities leaked to the outside world. [4]


The cause was a misconfiguration of Anthropic's CMS (content management system) that temporarily made unpublished company data viewable by anyone. Fortune magazine reported it first, and the story became widely known. The leaked material included a draft Anthropic blog post stating that Mythos is "far superior to any other AI model in cyber capabilities" and "a harbinger of a wave of models that can exploit vulnerabilities in a way that far exceeds the efforts of defenders". [5]


The day after the Fortune article appeared, security-related stocks fell across the board. [6]


The impact of Mythos reaches beyond the AI and IT industries to governments and the financial sector. In the United States, Treasury Secretary Bessent and Federal Reserve Chair Powell convened an emergency meeting with the CEOs of major U.S. banks to confirm that banks recognize the risks of Mythos and similar AI models and are taking countermeasures. [7]


Restrictions on Public Access and the Launch of Project Glasswing


On April 7, Anthropic published the Mythos System Card (its security and capability assessment report), stating that the model would not be made generally available because wide availability could accelerate offensive exploitation. [3]


On the same day, Anthropic launched "Project Glasswing" to put Mythos' capabilities to use in cyber defense. Under the project, security defenders use Mythos to find vulnerabilities before attackers do; companies and organizations such as Amazon and the Linux Foundation participate as partners. [8], [9]


Through this activity, Mythos has already discovered thousands of critical vulnerabilities, including in major operating systems and web browsers.


1.6. Summary

Unlike other AI models, Mythos can carry out an advanced cyberattack from a single simple instruction, even on behalf of someone without specialist IT knowledge. It is therefore not available to general users, and "Project Glasswing", driven mainly by major U.S. companies, aims to turn its power to defense rather than offense. As the project progresses, the vulnerability discovery cycle will accelerate and patches may be released more frequently, so organizations need to be ready to respond quickly.

References

[1] red.anthropic.com, "Assessing Claude Mythos Preview's cybersecurity capabilities", https://red.anthropic.com/2026/mythos-preview/

[2] Anthropic, "Choosing the right Claude model: Haiku, Sonnet, and Opus"

[3] Anthropic, "System Card: Claude Mythos Preview"

[4] NxCode, "Claude Mythos Preview: Anthropic's Most Powerful AI (93.9% SWE-bench) — Why You Can't Use It"

[5] Fortune, "Exclusive: Anthropic acknowledges testing new AI model representing 'step change' in capabilities, after accidental data leak reveals its existence"

[6] CNBC, "Cybersecurity stocks fall on report Anthropic is testing a powerful new model"

[7] Bloomberg (Japanese edition), "Anthropic's Latest AI Emergency Meeting, Treasury Secretary and Fed Chairman Convene Bank of US CEO Meeting"

[8] Anthropic, "Project Glasswing", https://www.anthropic.com/glasswing

[9] ZDNET Japan, "Anthropic and 12 Other Major IT Companies Launch AI-Based Security Project 'Glasswing'", https://japan.zdnet.com/article/35246146/

Russian government-affiliated APT28 exploits SOHO routers to conduct espionage activities



2.1. Outline

On April 7, the UK's National Cyber Security Centre (NCSC) and the U.S. Department of Justice announced that the Russian state-sponsored threat group APT28 had compromised SOHO routers used in homes and small offices around the world, rewritten their DNS settings, and redirected users to fake sites. APT28 is believed to have used credentials harvested on those fake sites to access data in the cloud environments of U.S. military and government organizations and collect sensitive information. The case is treated as state-level intelligence activity. [11], [12]

Figure 2: The NCSC and the U.S. Department of Justice announce that the Russian state-sponsored threat group APT28 compromised SOHO routers

2.2. What is APT28?

APT28 (also known as Fancy Bear) is a technically sophisticated threat group assessed to belong to Russia's military intelligence service, the GRU (the Main Directorate of the General Staff). It operates globally and consistently targets national-level information in politics, the military and diplomacy. [11], [13]


After the 2016 Rio de Janeiro Olympics, the group stole testing data from the World Anti-Doping Agency (WADA) and published it, apparently in retaliation for the exclusion of many Russian athletes from the Games over doping. [14], [15]


2.3. About the attack

The APT28 technique disclosed by the U.S. Department of Justice and others consists of the following three stages: hijack the router, rewrite its settings, and steer users to a fake site the attacker has prepared.


Attack flow


(1) Intrusion into vulnerable routers


The attacker exploits known vulnerabilities in SOHO routers that are directly exposed to the internet to obtain administrator privileges, and uses them to reach the router's configuration interface.


(2) Rewriting DNS settings and directing to fake sites


From the configuration interface, the attacker tampers with the router's DNS settings so that, only for DNS queries about specific online services (the lookups that map a domain name to the IP address a client should connect to), the router returns an attacker-controlled IP address and steers the client to a fake site. The "specific online services" included important ones such as Microsoft Outlook Web Access, which provides email and calendar access from a web browser. For every DNS query that is not a target, the correct connection information (the legitimate IP address) is returned, so those sites load normally and the tampering is hard to notice.


Example of DNS queries sent by users and the responses they receive:

  • outlook.office365[.]com (attack target) → IP address of the attacker's fake site

  • google[.]com → legitimate IP address

  • yahoo.co[.]jp → legitimate IP address


(3) Information theft and continuous espionage activities


When a user enters an ID, password, authentication token or similar on the fake site that imitates Office 365, the attacker captures all of it. Attackers then use the stolen credentials to access email and other data in the target organization's cloud and collect information over an extended period.
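The selective hijack of stage (2), and the host-side check a defender can run against it, as an added example written for this report; it is not code from the NCSC or DoJ advisories. The resolver tables, the watchlist of names and all IP addresses are constructed, using the RFC 5737 documentation ranges (192.0.2.0/24 for legitimate answers, 203.0.113.0/24 for the attacker).

```python
"""Selective DNS hijack on a SOHO router: a simulation of the attacker's
resolver policy, plus a host-side consistency check that surfaces it.
Added example for this report; all names and addresses are constructed
(RFC 5737 ranges: 192.0.2.0/24 legitimate, 203.0.113.0/24 attacker)."""

from dataclasses import dataclass


@dataclass
class Resolver:
    """A DNS resolver modelled as a name -> IPv4 address table (constructed)."""
    table: dict

    def resolve(self, name: str):
        # Normalize trailing dot and case so lookups match DNS semantics.
        return self.table.get(name.rstrip(".").lower())


# Answers an untampered upstream resolver gives (constructed).
UPSTREAM = Resolver({
    "outlook.office365.com": "192.0.2.10",
    "login.microsoftonline.com": "192.0.2.11",
    "google.com": "192.0.2.20",
    "yahoo.co.jp": "192.0.2.30",
})

# The attacker's policy: only the targeted service is redirected (constructed).
HIJACK_POLICY = {"outlook.office365.com": "203.0.113.50"}

# Names worth checking from a client behind the router (constructed watchlist).
WATCHLIST = list(UPSTREAM.table)


def hijacked_router(upstream: Resolver, policy: dict) -> Resolver:
    """Build the resolver a compromised router presents to LAN clients.

    Names in `policy` get the attacker's address; every other query is answered
    correctly, which is why the tampering is invisible in normal browsing."""
    table = dict(upstream.table)
    table.update({name.lower(): ip for name, ip in policy.items()})
    return Resolver(table)


def find_mismatches(router: Resolver, trusted: Resolver, names) -> dict:
    """Return {name: (router_answer, trusted_answer)} for every disagreement.

    `trusted` stands in for a resolver the router cannot intercept, for example
    DNS over HTTPS to a fixed endpoint."""
    mismatches = {}
    for name in names:
        router_answer, trusted_answer = router.resolve(name), trusted.resolve(name)
        if router_answer != trusted_answer:
            mismatches[name] = (router_answer, trusted_answer)
    return mismatches


if __name__ == "__main__":
    router = hijacked_router(UPSTREAM, HIJACK_POLICY)
    for name in WATCHLIST:
        print(f"{name:28} -> {router.resolve(name)}")
    print("mismatches:", find_mismatches(router, UPSTREAM, WATCHLIST))
```

A mismatch is a lead, not proof: CDN-backed names legitimately answer differently from different resolvers, so confirm by connecting to the router-supplied address and validating the TLS certificate against the hostname, which a fake site at another address cannot satisfy without a mis-issued certificate or a user clicking through a browser warning. In a real deployment the trusted answers must come from a resolver the router cannot intercept, such as DNS over HTTPS to a fixed endpoint; comparing against the router's own upstream setting proves nothing.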


2.4. The damage

Since 2024, APT28 has been confirmed to have compromised thousands of routers worldwide. According to the FBI, the victims of information theft include military personnel and government officials. Information such as business partners, intellectual property and internal plans may have been sought, and authentication credentials, email contents, attachments and sensitive cloud data were stolen. [11], [12]


2.5. Targeted Routers

APT28 exploited vulnerable telework environments exposed directly to the internet, as well as poorly configured SOHO routers used at home or on the move. The devices identified were mainly made by China's TP-Link, with some from Latvia's MikroTik. TP-Link routers in particular are widely used worldwide; many are older models whose firmware is rarely updated, and they are frequently breached by cybercriminals. Beyond Russian APTs such as APT28, they have also been exploited by Chinese APT groups such as Volt Typhoon and Camaro Dragon. [11], [12], [16], [17]


2.6. Neutralization measures by the U.S. Department of Justice and others

With court authorization, the U.S. Department of Justice and the Federal Bureau of Investigation (FBI) sent commands to routers in the victims' network environments to remove the malicious DNS settings. Notable here is that a function being exploited for state-backed cyberattacks was directly disabled through a legal process, which suggests the measure was taken with national security risk in mind.


2.7. Summary

This APT28 case is nation-state intelligence activity that exploited poorly managed SOHO routers. With the spread of telework, home networks (SOHO routers and Wi-Fi environments) have become gateways to corporate networks, but these routers usually fall outside corporate management. Patching, configuration management and network monitoring are therefore inadequate, and the routers become "weak stepping stones next to the enterprise" for attackers. APT28 is believed to have used exactly this to steal credentials such as passwords and tokens.


This case shows that the exploitation of perimeter devices outside corporate control can reach as far as cloud authentication infrastructure. As countermeasures, it is important to manage these boundary devices to at least the same standard as endpoints, promptly replace devices that are no longer supported, and keep firmware updated. In addition, on the premise that "the scope of defense is not limited to the internal network", organizations should strengthen authentication, access control and endpoint management along Zero Trust lines. Separately, the United States has restricted imports of foreign-made routers from March 2026 to prevent infiltration of government systems through inadequately secured consumer routers. [18]


It is possible that other countries, including Japan, will consider similar responses.

References

[11] National Cyber Security Centre, "APT28 exploit routers to enable DNS hijacking operations"

[12] U.S. Department of Justice, "Justice Department Conducts Court-Authorized Disruption of DNS Hijacking Network Controlled by a Russian Military Intelligence Unit"

[13] Cybersecurity.com, "APT28"

[14] World Anti-Doping Agency (WADA), "WADA Confirms Attack by Russian Cyber Espionage Group"

[15] Nihon Keizai Shimbun, "Cyber Attack on Anti-Doping Agency, Shadow of the Russian Government"

[16] The Register, "Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns"

[17] Check Point, "Check Point Research reveals a malicious firmware implant for TP-Link routers, linked to Chinese APT group"

[18] ASCII Club, "U.S. Bans Overseas Routers, 'Abnormal Level of Vulnerability' for Chinese TP-Link", https://ascii.jp/limit/group/ida/elem/000/004/400/4400790/


Cyber attack on the Italian flood control system


3.1. Outline

In early April, the threat group "Infrastructure Destruction Squad" (also referred to as "Dark Engine") claimed on its Telegram channel to have hacked into an Italian flood protection system. The group released material about control screens and system configuration, suggesting access to the live operating environment and drawing attention to weaknesses in critical infrastructure. The way it communicated also clearly displays the characteristics of the threats to OT systems that have been pointed out in recent years.


3.2. Venice's flood countermeasures

The lagoon area that includes Venice and its surrounding islands is susceptible to land subsidence and sea level rise. As a countermeasure against flooding at high tide, Venice operates a combination of flood barriers, drainage facilities and local pumping systems across the city. Around St. Mark's Square, for example, an area that floods particularly often, dedicated hydraulic pumps and the system that manages and controls them are installed to control the inflow of water during storm surges. This is an OT (operational technology) system whose operation and facility management are handled by local agencies under the Italian government, and it is one of the key elements of the city's disaster prevention infrastructure. [19], [20]


Figure 3: Venice and its flood countermeasures

3.3. About the attack


Attack on Systems under the Jurisdiction of the Italian Ministry of Infrastructure and Transport

According to an investigation by the security company Shieldworkz, the Infrastructure Destruction Squad's intrusion into the flood risk mitigation system began in late March 2026; on April 4 the group issued a statement claiming responsibility. It gave "exposing vulnerabilities in Italy's critical infrastructure" as its political purpose, and stated that seizing the system could actually cause flooding, framing this as intimidation of the Italian government. As evidence it released screenshots of the breached site's control panel, a system layout and information showing valve states, and it even said it would sell the highest level of access, root access to the system, for $600. How that access was obtained and how the system was breached has not been disclosed.


The Attacker

The Infrastructure Destruction Squad is a "hacktivist" group that carries out cyberattacks to spread its political and social claims. Beyond this incident, the group has posted claims and information about attacks and intrusions through its Telegram channel. It uses mainly English and Chinese, but much remains unclear, such as which country or region it belongs to and whether it operates with the support or direction of the Chinese government.

Its activity increased around mid-2025 [21], and attacks on critical infrastructure and control systems have been confirmed in several regions including Europe, Asia and Latin America. [22], [23]


Did the breach actually occur?

On April 12, the Infrastructure Destruction Squad issued a further statement about the attack, which it called the "St. Mark's Incident". It said it had had access to the system for several months and would keep it, but only about 20 minutes later it indicated that access had been lost as a result of action by the authorities.


By the same day, the Ministry of Infrastructure and Transport had confirmed that it detected anomalous traffic, but it did not confirm the degree of "persistence" the intruder claimed. [20]


No actual damage from this incident has been confirmed.


Attacker's aim

Operating the flood prevention system is essential to protecting citizens' safety. By demonstrating the system's weaknesses to the Italian government and public with provocative messages, the attackers presumably intended to show that an attack could lead to a real disaster and social turmoil, and to confirm their social and psychological influence while attracting wide attention.


The group has previously suggested or claimed intrusion into Latvia's vessel monitoring systems (Latvia, like Germany, is an EU and NATO member) as "revenge" for the arrest of a person alleged to have assisted Russia from Germany. [24]


Italy is also involved in sanctions against Russia and support for Ukraine, but whether that is why the group chose Italy as a target is unclear.


3.4. Targeted OT system

Attacks on OT systems like this one are increasing. On the attacker side, amid geopolitical tensions, the barriers to obtaining attack techniques and tools aimed at critical infrastructure have fallen in recent years. On the target side, IT and OT systems that used to run separately are now interconnected over networks, which multiplies the entry points for attack, and legacy systems that are hard to update securely remain in operation. Activity by sophisticated state-sponsored threat groups has long been recognized as a major threat in the OT domain, but in recent years the base of attackers has broadened, and the involvement of diverse actors, including hacktivists, has been reported.
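One check that follows from the IT/OT connectivity point above, as an added example written for this report rather than code from Shieldworkz or any vendor: given an asset inventory and a firewall rule base, list the control-system services each source zone can reach. The assets, both rule bases, the probe addresses and the "vendor VNC left open" finding are all constructed for illustration; the hardened rule base confines remote access to a single jump host.

```python
"""IT/OT segmentation audit: which control-system services can each source
zone reach through the firewall? Added example for this report, not code from
Shieldworkz or any vendor. Assets, rule bases and probe sources are constructed;
addresses use RFC 5737 documentation ranges plus one private corporate range."""

from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# TCP ports that usually mean a control-system service is listening.
OT_SERVICE_PORTS = {80: "HMI web", 443: "HMI web (TLS)", 502: "Modbus/TCP", 5900: "VNC"}


@dataclass(frozen=True)
class Asset:
    name: str
    ip: str
    zone: str


@dataclass(frozen=True)
class Rule:
    src: str           # CIDR; "0.0.0.0/0" means anywhere
    dst: str           # CIDR
    ports: frozenset   # allowed TCP ports; empty set means all ports
    action: str        # "allow" or "deny"


# Constructed inventory for a pumping station: HMI and PLC in the OT zone,
# a historian in a DMZ.
ASSETS = [
    Asset("pump-hmi-01", "192.0.2.10", "ot"),
    Asset("plc-valve-01", "192.0.2.11", "ot"),
    Asset("historian-01", "198.51.100.5", "dmz"),
]

# Constructed rule base, first match wins. The second rule is the kind of
# convenience hole that exposes an HMI: remote vendor VNC allowed from anywhere.
RULES_WEAK = [
    Rule("198.51.100.0/24", "192.0.2.0/24", frozenset({502}), "allow"),  # historian polls PLC
    Rule("0.0.0.0/0", "192.0.2.10/32", frozenset({5900}), "allow"),      # vendor VNC, left open
    Rule("0.0.0.0/0", "192.0.2.0/24", frozenset(), "deny"),
]

# Hardened variant: vendor access only from a single jump host in the DMZ.
RULES_HARDENED = [
    Rule("198.51.100.0/24", "192.0.2.0/24", frozenset({502}), "allow"),
    Rule("198.51.100.9/32", "192.0.2.10/32", frozenset({5900}), "allow"),  # jump host only
    Rule("0.0.0.0/0", "192.0.2.0/24", frozenset(), "deny"),
]

# Representative source address for each zone we probe from (constructed).
PROBE_SOURCES = {"internet": "203.0.113.7", "corporate-it": "10.10.1.20", "dmz": "198.51.100.5"}


def first_match(rules, src_ip: str, dst_ip: str, port: int) -> str:
    """Evaluate the rule base top-down; anything unmatched is implicitly denied."""
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    for rule in rules:
        if (src in ip_network(rule.src) and dst in ip_network(rule.dst)
                and (not rule.ports or port in rule.ports)):
            return rule.action
    return "deny"


def reachable(rules, src_ip: str, dst_ip: str, port: int) -> bool:
    return first_match(rules, src_ip, dst_ip, port) == "allow"


def exposed_ot_services(assets, rules, sources, zone="ot"):
    """List (source, asset, port, service) for every OT service a source can reach."""
    findings = []
    for src_name, src_ip in sources.items():
        for asset in assets:
            if asset.zone != zone:
                continue
            for port, service in OT_SERVICE_PORTS.items():
                if reachable(rules, src_ip, asset.ip, port):
                    findings.append((src_name, asset.name, port, service))
    return sorted(findings)


def internet_exposed(findings):
    """The subset that matters most: OT services reachable from the internet."""
    return [f for f in findings if f[0] == "internet"]


if __name__ == "__main__":
    for label, rules in (("weak", RULES_WEAK), ("hardened", RULES_HARDENED)):
        findings = exposed_ot_services(ASSETS, rules, PROBE_SOURCES)
        print(f"[{label}] internet-exposed: {internet_exposed(findings)}")
        for finding in findings:
            print("   ", finding)
```

Run against a real rule export, the same walk shows not just internet exposure but the corporate-IT paths that let a phished workstation reach an HMI; the DMZ historian's Modbus polling remains in both outputs because it is intended, and the audit's job is to make every remaining path an explicit decision.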


3.5. Summary

IT/OT integration is progressing, and it is increasingly common to operate and monitor equipment from control systems over the network.

Although the actual harm in this case appears to have been limited, it is notable that the attacker made claims suggesting physical impact and aimed for social and psychological effect.

This shows that the threats surrounding OT are not limited to technical risk. Organizations therefore need to manage the social and psychological impact of an incident through appropriate information disclosure, in addition to technical measures.

References

[19] Cybernews, "Hackers claim access to pump system protecting Venice's iconic St. Mark's Square from flooding"

[20] Shieldworkz, "HMI vulnerabilities in Venice: A deep dive into the San Marco pump incident"

[21] Malpedia, "Infrastructure Destruction Squad"

[22] Cyble, "Critical Infrastructure Attacks Became Routine for Hacktivists in 2025"

[23] Cyble, "Hacktivist Attacks on Critical Infrastructure Grow as New Groups Emerge"

[24] The Moloch, "Infrastructure Destruction Squad (Dark Engine?) Targets Latvian Entities"

Disclaimer

Please note that while we do our best to ensure that the content of this article is accurate, we do not guarantee the content and do not compensate for any damages or losses incurred as a result of the use of this article. If you have any inquiries such as typographical errors, content errors, or other points in the article, please contact us at the following address.


Inquiries

NTT Security Japan Corporation

Professional Services OSINT Monitoring Team

 
 