IT a.m. 🌤️ Apr 15, 2026
Backdoors Found in Dozens of WordPress Plugins After Ownership Changes
According to TechCrunch, dozens of WordPress plugins were compromised with backdoor code after being acquired by a new corporate owner. The supply chain attack affected thousands of websites, injecting malware that could grant attackers remote access to affected sites.
- According to security researchers cited by TechCrunch, the backdoors were planted after legitimate plugin developers sold their projects to an unknown buyer, who then pushed malicious updates through WordPress.org’s trusted update channel.
- IT teams should immediately audit all installed WordPress plugins, verify current ownership, and review recent update changelogs. Plugins that recently changed hands warrant extra scrutiny or removal.
- This incident exposes a critical gap in software supply chain security: WordPress has no formal vetting process when plugin ownership transfers, making M&A activity a viable attack vector for threat actors targeting downstream users at scale.
💻 IT News
SolarWinds has launched SW1, an agentic AI teammate designed to help companies monitor and manage complex computing environments at large scale through autonomous IT operations.
Microsoft resolved a bug that caused Windows Server 2019 and 2022 systems to automatically upgrade to Windows Server 2025 without user consent.
🌩️ Cloud News
AWS has announced general availability of AWS Interconnect, a managed private connectivity service that connects Amazon VPCs directly to VPCs on other cloud providers, plus a new last-mile capability.
Cloudflare introduced Cloudflare Mesh to simplify cloud connectivity and provide private networking infrastructure designed for AI agents and DevOps teams.
🧠 AI News
Anthropic researcher used Claude Code to discover a remotely exploitable heap buffer overflow in Linux kernel’s NFS driver that remained undetected for 23 years. Five kernel vulnerabilities have been confirmed so far.
US Treasury Secretary Scott Bessent hailed Anthropic’s Mythos as a revolutionary step keeping America ahead of China in AI.
🛡️ Cybersecurity News
Microsoft’s April 2026 Patch Tuesday includes security updates for 167 vulnerabilities, including two actively exploited zero-day flaws.
⚙️ DevOps News
Danish startup Leapwork has launched its fully automated Continuous Validation Platform designed to help enterprises keep pace with the increasing velocity of generative AI software development.
🏗️ Infrastructure News
ASML raised its full-year sales forecast as global AI spending fuels semiconductor production and boosts demand for its advanced chipmaking machines.
📈 M&A News
Anthropic has received several investor offers for a funding round that could value the AI startup at about $800 billion or higher, overtures it has so far resisted.
🏢 Top Software License Optimization Firms
According to CIO.com, AI Demand Is Driving Pandemic-Scale Memory Shortages
According to CIO.com, surging AI infrastructure buildouts are creating a global memory chip shortage rivaling pandemic-era disruptions – squeezing supply for everything from enterprise laptops to hyperscale data centers and forcing IT leaders to rethink procurement timelines.
- According to the report, HBM (high-bandwidth memory) demand from AI accelerators is cannibalizing DRAM supply for standard devices, driving up prices and extending lead times across the board.
- CIO.com notes that IT leaders should expect 12-18 months of tight supply, making early budget locks and strategic vendor relationships critical for maintaining refresh cycles.
- The article highlights that memory now represents a growing share of total device cost, pressuring organizations to reassess fleet planning and consider lifecycle extensions where possible.
🔎 Dive Deeper
Qlik’s Agentic AI Study found that while 97% of enterprises have committed budget to agentic AI, data governance has become the primary bottleneck between AI ambition and outcomes.
MSPs face the challenge of communicating cyber threats to clients effectively without overwhelming them with the steady stream of daily risks.
Gartner recommends CIOs adopt an AI-augmented leadership approach to improve management effectiveness and encourage IT teams to work more closely with AI.
Manual access management creates recurring Monday morning friction that quietly erodes enterprise velocity, based on nearly two decades of identity practitioner experience.
Anthropic’s Mythos AI model, teased as too dangerous to release, prompted US Treasury Secretary to summon Wall Street leaders to ensure precautions are taken.
The EU’s NIS2 directive represents a board-level compliance concern that extends beyond direct regulatory scope and affects broader organizational security posture.
EDR killers using bring-your-own-vulnerable-driver (BYOVD) attack techniques are difficult to stop but organizations can implement stronger defenses against them.
Volatility driven by economic uncertainty, geopolitical shocks, AI disruption, and shifting buyer behavior is now the norm for B2B leaders. Traditional go-to-market models are being exposed as inadequate in this new operating environment.
🎧 Latest Podcasts
🎧 Apr 13, 2026
🎧 Apr 14, 2026
🎧 Apr 13, 2026
🎧 Apr 14, 2026
🎧 Apr 15, 2026
