Weekly Threat Roundup: April 14–18, 2026

This week's critical vulnerabilities, active threats, and patches you need to apply. Your weekly digest of everything that matters in cybersecurity.

Elevate Solutions

April 18, 2026 · 4 min read

Patch this week

Several vendors shipped fixes for actively-exploited flaws in edge devices and browsers. Prioritize anything internet-facing and anything on CISA's known-exploited list.

Active threats

Quishing campaigns and help-desk social engineering continued to dominate intrusions; ransomware affiliates kept favoring exposed remote-access services.

Our take

Patch velocity on edge and identity systems is the single best predictor of who avoids this week's incidents. Managed clients are already covered by our patch SLAs.

Elevate Solutions

Security & IT Advisory Team

Threat Intelligence Windows

Windows: New Ransomware Variant Bypasses Defender — What to Check Now

A new ransomware strain is using signed Windows drivers to disable Microsoft Defender before encrypting files. Here's how to detect it and what compensating controls to deploy.

April 22, 2026 · 6 min

Threat Intelligence

Threat Actor Spotlight: Scattered Spider — How They Breach Companies Like Yours

Scattered Spider is the threat group behind some of the most devastating breaches of 2025–2026, including attacks on major enterprises and dozens of mid-market companies. Here's how they operate and how to defend.

April 21, 2026 · 8 min

Threat Intelligence macOS

Yes, Your Mac Gets Malware — Here Is How It Actually Happens

The idea that Macs don't get viruses is the most dangerous myth in cybersecurity. Mac-targeted malware rose sharply year over year. Here's how modern Mac malware works.

April 21, 2026 · 10 min