
Cleartext – April 14, 2026

Tuesday, April 14, 2026·8:20


show notes


Daily cybersecurity briefing for CISOs and security leaders.


Episode Summary

Today's episode covers 9 stories across 5 topic areas, including: APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials; FBI takedown of W3LL phishing service leads to developer arrest; CSA: CISOs Should Prepare for Post-Mythos Exploit Storm.

Stories Covered

🌍 Geopolitical

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

Dark Reading · Apr 13 · Relevance: █████████░ 9/10

Why it matters to CISOs: APT41's new backdoor targeting AWS, Azure, GCP, and Alibaba cloud credentials with zero AV detection signals an escalation in Chinese state-sponsored cloud compromise—CISOs must audit cloud IAM and credential hygiene immediately.

  • China-backed APT41 is deploying a backdoor with zero antivirus detections targeting multi-cloud environments
  • The campaign targets AWS, Google Cloud, Azure, and Alibaba Cloud credential stores
  • Typosquatting is used to disguise C2 communications and evade network detection

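The article says the backdoor disguises its C2 traffic behind typosquatted domains, which is exactly where signature-based network monitoring goes blind. The check a detection engineer actually wants is "does this queried name sit a small edit distance from a domain we trust, once digit-for-letter lookalikes are folded, without being that domain?". The block below is an added example written for this page, not code from the Dark Reading article or from the APT41 tooling it describes; the trusted-domain list, the log format and every log line are constructed.

```python
"""Flag DNS queries for domains that look like typosquats of trusted cloud domains."""
from dataclasses import dataclass

# Constructed allow-list of registrable domains the organization trusts.
TRUSTED = {
    "amazonaws.com", "awsstatic.com", "microsoft.com", "azure.com",
    "googleapis.com", "google.com", "aliyuncs.com", "alibabacloud.com",
}

# Constructed DNS query log, one "<timestamp> <client-ip> <qname>" per line.
SAMPLE_LOG = """\
2026-04-13T09:01:02Z 10.0.4.17 sts.amazonaws.com
2026-04-13T09:01:05Z 10.0.4.17 sts.amazonavvs.com
2026-04-13T09:02:11Z 10.0.4.22 login.microsoftonline.com
2026-04-13T09:02:30Z 10.0.4.22 login.micros0ft.com
2026-04-13T09:03:01Z 10.0.4.31 oauth2.googleapis.com
2026-04-13T09:03:09Z 10.0.4.31 oauth2.googleapis.co
2026-04-13T09:04:44Z 10.0.4.40 ecs.aliyuncs.com
2026-04-13T09:04:50Z 10.0.4.40 ecs.a1iyuncs.com
"""

# Digit-for-letter substitutions that render alike in most fonts.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def levenshtein(a: str, b: str) -> int:
    """Edit distance with a single rolling row (O(len(b)) memory)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(qname: str) -> str:
    """Last two labels of the name. Simplification: ignores multi-label public
    suffixes such as co.uk, which a production version would resolve with the
    Public Suffix List."""
    labels = qname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def fold(domain: str) -> str:
    """Normalize single-character and two-letter homoglyphs before comparing."""
    return domain.translate(HOMOGLYPHS).replace("vv", "w").replace("rn", "m")


def lookalike_of(domain: str, trusted=TRUSTED, max_distance: int = 2):
    """Return (trusted_domain, distance) if `domain` imitates a trusted one, else None.
    An exact allow-list hit is never a lookalike."""
    if domain in trusted:
        return None
    folded = fold(domain)
    best = None
    for t in trusted:
        d = min(levenshtein(domain, t), levenshtein(folded, t))
        if d <= max_distance and (best is None or d < best[1]):
            best = (t, d)
    return best


@dataclass
class Hit:
    ts: str
    client: str
    qname: str
    mimics: str
    distance: int


def scan(log_text: str) -> list:
    """Run the lookalike check over every query in the log and collect the hits."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, client, qname = line.split()
        match = lookalike_of(registrable(qname))
        if match:
            hits.append(Hit(ts, client, qname, match[0], match[1]))
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        print(f"{h.ts} {h.client} queried {h.qname}: looks like {h.mimics} (distance {h.distance})")
```

Two design points: legitimate names that are merely long (login.microsoftonline.com) fall outside the distance budget and are not flagged, and folding is applied only for comparison, so the raw queried name is what lands in the alert. Run it against resolver logs for the cloud-provider domains your workloads actually talk to, not the whole internet, or the false-positive rate will bury the signal.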

FBI takedown of W3LL phishing service leads to developer arrest

BleepingComputer · Apr 13 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The W3LL takedown dismantles a major phishing-as-a-service platform that bypassed MFA at scale—CISOs should review whether their organizations were targeted and reassess phishing-resistant authentication controls.

  • FBI and Indonesian authorities dismantled the W3LL phishing platform and arrested its alleged developer
  • W3LL targeted 17,000+ victims worldwide, stealing passwords and MFA codes, enabling $20M+ in fraud attempts
  • First coordinated US-Indonesia enforcement action targeting a phishing kit developer

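The reason a kit like W3LL can steal "passwords and MFA codes" is that a one-time code carries no information about where the user typed it, so a proxy sitting between the victim and the real login page simply forwards it. A FIDO2 assertion is different: the browser writes the origin it is actually connected to into the data the authenticator signs, and the relying party rejects anything signed for a different origin. The block below is an added example for this page, not W3LL's code and not from the BleepingComputer report. The relying party, the proxy domain and the credential key are constructed, and an HMAC stands in for the authenticator's signature (a real authenticator uses a per-site key pair, but the origin-binding property shown here is the same).

```python
"""Adversary-in-the-middle relay against OTP MFA versus an origin-bound FIDO2 assertion."""
import hashlib
import hmac
import json
import secrets
import struct

RP_ORIGIN = "https://login.example.com"    # constructed legitimate relying party
RP_ID = "login.example.com"
PHISH_ORIGIN = "https://login-example.com"  # constructed AitM proxy the victim lands on


# --- OTP path -------------------------------------------------------------------
def totp(secret: bytes, t: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1. Note that nothing about the origin is an input."""
    counter = struct.pack(">Q", t // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % 10 ** digits
    return f"{code:0{digits}d}"


def rp_verify_totp(secret: bytes, submitted_code: str, now: int) -> bool:
    return hmac.compare_digest(submitted_code, totp(secret, now))


def aitm_relay_totp(user_secret: bytes, now: int) -> bool:
    """The proxy shows a cloned login page; the victim types the code on their phone;
    the proxy forwards it to the real RP unchanged. The RP cannot tell."""
    code_typed_into_phish_page = totp(user_secret, now)
    return rp_verify_totp(user_secret, code_typed_into_phish_page, now)


# --- FIDO2 path -----------------------------------------------------------------
def authenticator_sign(cred_key: bytes, challenge: str, browser_origin: str) -> dict:
    """The browser fills in the origin it is connected to; the authenticator signs over
    it together with the RP ID hash. HMAC stands in for the real signature here."""
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": browser_origin},
        sort_keys=True,
    ).encode()
    # The RP ID is derived from the browser's origin, so a phishing origin yields a
    # different hash (a real authenticator would not even find a credential for it).
    rp_id_hash = hashlib.sha256(browser_origin.split("://", 1)[1].encode()).digest()
    signed = rp_id_hash + hashlib.sha256(client_data).digest()
    return {
        "client_data": client_data,
        "rp_id_hash": rp_id_hash,
        "signature": hmac.new(cred_key, signed, hashlib.sha256).digest(),
    }


def rp_verify_assertion(cred_key: bytes, expected_challenge: str, assertion: dict) -> bool:
    cd = json.loads(assertion["client_data"])
    if cd.get("type") != "webauthn.get" or cd.get("challenge") != expected_challenge:
        return False
    if cd.get("origin") != RP_ORIGIN:   # the phishing-resistance check
        return False
    if assertion["rp_id_hash"] != hashlib.sha256(RP_ID.encode()).digest():
        return False
    signed = assertion["rp_id_hash"] + hashlib.sha256(assertion["client_data"]).digest()
    expected = hmac.new(cred_key, signed, hashlib.sha256).digest()
    return hmac.compare_digest(expected, assertion["signature"])


def aitm_relay_fido2(cred_key: bytes) -> bool:
    """Proxy forwards the RP's challenge, but the victim's browser is on PHISH_ORIGIN,
    so that origin is what ends up inside the signed client data."""
    challenge = secrets.token_urlsafe(32)   # issued by the real RP
    assertion = authenticator_sign(cred_key, challenge, PHISH_ORIGIN)
    return rp_verify_assertion(cred_key, challenge, assertion)


def legit_fido2(cred_key: bytes) -> bool:
    challenge = secrets.token_urlsafe(32)
    assertion = authenticator_sign(cred_key, challenge, RP_ORIGIN)
    return rp_verify_assertion(cred_key, challenge, assertion)


if __name__ == "__main__":
    otp_secret = b"12345678901234567890"   # constructed; also the RFC 6238 test secret
    cred = b"constructed-credential-key"
    print("OTP relayed through AitM proxy accepted:", aitm_relay_totp(otp_secret, 1_700_000_000))
    print("FIDO2 from real origin accepted:        ", legit_fido2(cred))
    print("FIDO2 relayed through AitM proxy accepted:", aitm_relay_fido2(cred))
```

The takeaway for the budget conversation in the show notes: a relayed OTP verifies because the code is the same no matter which page collected it, while the relayed FIDO2 assertion fails the origin check before the signature is even examined. Push and SMS approvals have the same weakness as the OTP path.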

📡 Macro Trends

CSA: CISOs Should Prepare for Post-Mythos Exploit Storm

Dark Reading · Apr 13 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The Cloud Security Alliance's formal warning about AI-driven vulnerability discovery at scale gives CISOs a framework to brief boards on why patch management and assume-breach strategies need immediate investment.

  • CSA warns of an 'AI vulnerability storm' triggered by Anthropic's Claude Mythos capabilities
  • Experts predict AI models will surface exploitable flaws faster than organizations can remediate
  • Report urges CISOs to strengthen patch orchestration, virtual patching, and behavior-based controls


OpenAI’s Mac apps need updates thanks to the Axios hack

CyberScoop · Apr 13 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A supply-chain compromise of the popular Axios open-source library that impacted OpenAI's Mac applications highlights the persistent risk of dependency poisoning—CISOs should verify software composition analysis coverage for AI tooling.

  • A malicious version of the Axios open-source library was automatically pulled into OpenAI's Mac applications
  • OpenAI says its systems and software integrity were not impacted but users need to update
  • Incident illustrates ongoing supply-chain risks in widely used open-source dependencies

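"Automatically pulled into" is the detail to act on: a dependency release reaches a build without anyone choosing it when version ranges float, when the lockfile is missing or regenerated, or when the install cannot verify what it downloaded. The block below is an added example for this page, not OpenAI's code or the Axios project's, and it does not reproduce the malicious release. It audits an npm manifest and lockfile for those three conditions; the manifest, lockfile, package names and version numbers are all constructed.

```python
"""Audit an npm manifest and v3 lockfile for conditions that let an unreviewed release in."""
import json
import re

EXPECTED_REGISTRY = "https://registry.npmjs.org/"

# Constructed manifest. Values and versions are illustrative only.
PACKAGE_JSON = json.dumps({
    "name": "example-app",
    "dependencies": {
        "axios": "^1.0.0",       # floating: any 1.x is acceptable to the resolver
        "left-pad": "1.3.0",     # exact pin
        "some-lib": "latest",    # floating
    },
})

# Constructed lockfile in the lockfileVersion 3 layout.
PACKAGE_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"axios": "^1.0.0", "left-pad": "1.3.0", "some-lib": "latest"}},
        "node_modules/axios": {
            "version": "1.0.0",
            "resolved": "https://registry.npmjs.org/axios/-/axios-1.0.0.tgz",
            "integrity": "sha512-" + "A" * 86 + "==",
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://mirror.example.net/left-pad/-/left-pad-1.3.0.tgz",
            "integrity": "sha512-" + "B" * 86 + "==",
        },
        "node_modules/some-lib": {
            "version": "2.4.1",
            "resolved": "https://registry.npmjs.org/some-lib/-/some-lib-2.4.1.tgz",
        },
    },
})

# An exact semver pin: MAJOR.MINOR.PATCH with optional prerelease/build suffix, no range operator.
EXACT = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")


def floating_ranges(manifest: dict) -> list:
    """Names whose declared version is a range or tag rather than an exact pin."""
    deps = {}
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        deps.update(manifest.get(section, {}))
    return sorted(name for name, spec in deps.items() if not EXACT.match(spec))


def lockfile_findings(lock: dict, expected_registry: str = EXPECTED_REGISTRY) -> list:
    """(name, finding) pairs for entries lacking a sha512 integrity hash or resolved
    from somewhere other than the expected registry."""
    findings = []
    for path, entry in lock.get("packages", {}).items():
        if path == "":
            continue  # the root project entry
        name = path.rsplit("node_modules/", 1)[-1]
        if not entry.get("integrity", "").startswith("sha512-"):
            findings.append((name, "missing-or-weak-integrity"))
        resolved = entry.get("resolved", "")
        if not resolved.startswith(expected_registry):
            findings.append((name, f"unexpected-source:{resolved}"))
    return findings


def audit(package_json_text: str, lock_text: str) -> dict:
    manifest = json.loads(package_json_text)
    lock = json.loads(lock_text)
    return {"floating": floating_ranges(manifest), "lockfile": lockfile_findings(lock)}


if __name__ == "__main__":
    result = audit(PACKAGE_JSON, PACKAGE_LOCK)
    print("floating ranges:", result["floating"])
    for name, finding in result["lockfile"]:
        print(f"lockfile: {name}: {finding}")
```

Two caveats a practitioner should keep in mind. An integrity hash only proves the tarball is the one that was resolved when the lock was written; it does nothing if the malicious version is the one that got resolved, so the lock diff itself still has to be reviewed. And floating ranges are harmless only as long as installs use the committed lock (`npm ci`); the moment the lock is regenerated, every `^` and `latest` becomes an opportunity to pull in whatever the registry serves that day.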

🔓 Data Breach

Hack at Anodot leaves over a dozen breached companies facing extortion

TechCrunch Security · Apr 13 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A supply-chain breach at cloud analytics provider Anodot cascading to 12+ enterprise customers including Rockstar Games underscores the criticality of third-party vendor risk assessments and data-sharing agreements.

  • Anodot cloud analytics platform was breached, affecting over a dozen corporate customers
  • ShinyHunters extortion gang is leaking stolen data from affected companies including Rockstar Games
  • Incident highlights supply-chain risk from SaaS analytics vendors with broad data access


Booking.com data breach: Customer reservation data exposed

Help Net Security · Apr 14 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A breach at a major global travel platform affecting reservation data (names, emails, phone numbers) is a reminder for CISOs to assess third-party travel and expense platform risk and monitor for social engineering follow-on campaigns targeting employees.

  • Booking.com confirmed unauthorized access exposing customer names, emails, phone numbers, and reservation details
  • The company has reset reservation PINs and is notifying affected customers
  • Scope of the incident remains unclear; investigation is ongoing


⚖️ Governance & Policy

29 million leaked secrets in 2025: Why AI agent credentials are out of control

Help Net Security · Apr 14 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Nearly 29 million secrets leaked in public GitHub repos in 2025, a 34% YoY jump with AI agent credentials a major new contributor, demands that CISOs implement secrets management governance specifically for AI/ML service accounts and integrations.

  • 28.6 million new secrets were exposed in public GitHub commits in 2025, up 34% year-over-year
  • AI agent credentials are a major new source of secrets sprawl as agents authenticate across LLM platforms, APIs, and cloud resources
  • GitGuardian's State of Secrets Sprawl Report calls it the largest annual jump ever recorded

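Secrets reach public commits because nothing between the editor and the push looked at the added lines. The block below is an added example for this page, not GitGuardian's tooling and not content from their report: a minimal pre-push scanner over the added lines of a diff. The AWS access key ID and GitHub token shapes are the published formats (the AWS values are AWS's own documented example credentials); for everything else, including the agent credentials the report singles out, it falls back to a Shannon-entropy check on assignments to secret-looking variable names, since an agent's platform key may have no prefix anyone has written a regex for. The diff is constructed.

```python
"""Scan the added lines of a diff for hardcoded credentials before they are pushed."""
import math
import re

# Constructed diff. The AWS pair is AWS's documented example key, not a live credential.
SAMPLE_DIFF = "\n".join([
    "diff --git a/agent/config.py b/agent/config.py",
    "--- a/agent/config.py",
    "+++ b/agent/config.py",
    "@@ -1,3 +1,8 @@",
    '+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"',
    '+AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"',
    '+LLM_API_KEY = "sk-Zq7Vh2Nx9Lm4Pw8Rt3Yb6Kc1Jd5Fg0Hs"',
    '+GITHUB_TOKEN = "ghp_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8"',
    '+VECTOR_DB_TOKEN = "9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c3b2a1f0e"',
    '+LOG_LEVEL = "DEBUG"',
    '+MODEL_NAME = "claude-3-5-sonnet"',
    '-OLD_TOKEN = "ghp_deadbeef"',
])

# Format-specific detectors for credential types with a fixed, published shape.
PATTERNS = {
    "aws-access-key-id": re.compile(r"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
}

# Variable names worth an entropy check when assigned a quoted literal of 16+ chars.
SECRETISH_NAME = re.compile(r"(?i)(secret|token|passw(or)?d|api[_-]?key|access[_-]?key|credential)")
ASSIGNMENT = re.compile(r"""^\+\s*([A-Za-z_][A-Za-z0-9_]*)\s*[:=]\s*["']([^"']{16,})["']""")


def shannon_entropy(s: str) -> float:
    """Bits per character. English words sit near 2 to 3; random keys above 3.5."""
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_diff(diff_text: str, entropy_threshold: float = 3.5) -> list:
    """Return (kind, label) findings for added lines only.
    Removed lines and the '+++' file header are deliberately skipped."""
    findings = []
    for line in diff_text.splitlines():
        if not line.startswith("+") or line.startswith("+++"):
            continue
        body = line[1:]
        m = ASSIGNMENT.match(line)
        label = m.group(1) if m else body.strip()
        kinds = [k for k, p in PATTERNS.items() if p.search(body)]
        if (not kinds and m and SECRETISH_NAME.search(m.group(1))
                and shannon_entropy(m.group(2)) >= entropy_threshold):
            kinds = ["high-entropy-secret"]
        findings.extend((k, label) for k in kinds)
    return findings


if __name__ == "__main__":
    for kind, label in scan_diff(SAMPLE_DIFF):
        print(f"{kind}: {label}")
```

Wire it in as a pre-commit or pre-receive hook fed by `git diff --cached` and make the CI run fail on any finding. The entropy branch is what catches LLM_API_KEY and VECTOR_DB_TOKEN above, neither of which matches a known prefix; the cost is that it keys on the variable name, so a secret assigned to `cfg` or `x` slips past and a real deployment should add a generic high-entropy-literal rule with an allow-list for known false positives such as hashes in lockfiles.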

🚨 Critical Vulnerability

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

BleepingComputer · Apr 13 · Relevance: █████████░ 9/10

Why it matters to CISOs: An Adobe Acrobat/Reader zero-day (CVE-2026-34621) exploited via malicious PDFs since December is a high-urgency patch for virtually every enterprise—CISOs should push emergency deployment and scan for indicators of compromise.

  • CVE-2026-34621 has been actively exploited in zero-day attacks via malicious PDFs since at least December 2025
  • Adobe issued an emergency out-of-band security update for Acrobat and Reader
  • CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog


CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The Hacker News · Apr 14 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A critical SQL injection in Fortinet FortiClient EMS (CVSS 9.1) is now on CISA's KEV list with confirmed active exploitation—CISOs running Fortinet EMS must treat this as an emergency patch cycle.

  • CISA added 6 vulnerabilities to its Known Exploited Vulnerabilities catalog citing active exploitation
  • CVE-2026-21643 is a CVSS 9.1 SQL injection in Fortinet FortiClient EMS that a remote attacker can exploit without authentication
  • Additional flaws affect Microsoft and Adobe products, all with evidence of in-the-wild exploitation

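An unauthenticated SQL injection in a management server is the shape that earns a 9.1: the vulnerable query runs on a value the client controls before any identity check has happened, so every reachable instance is exploitable by anyone who can reach it. The block below is an added example for this page, not Fortinet's code and not a reproduction of CVE-2026-21643, about which the page says only that it is an unauthenticated SQL injection in FortiClient EMS. It uses a constructed endpoint-registration lookup to show the vulnerable form beside its parameterized fix, with the two payloads a tester would try first.

```python
"""An unauthenticated SQL injection beside its parameterized fix (SQLite, in memory)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed table standing in for an endpoint-management inventory."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE endpoints (
            id INTEGER PRIMARY KEY,
            client_uid TEXT,
            hostname TEXT,
            enrollment_token TEXT
        );
        INSERT INTO endpoints (client_uid, hostname, enrollment_token) VALUES
            ('c0ffee01', 'fin-laptop-07', 'tok-aaaa'),
            ('c0ffee02', 'hr-desktop-03', 'tok-bbbb'),
            ('c0ffee03', 'dc-01',         'tok-cccc');
    """)
    return db


def lookup_vulnerable(db: sqlite3.Connection, client_uid: str) -> list:
    """Deliberately vulnerable: the client-supplied identifier is spliced into the SQL
    text, so a quote in it ends the literal and the rest becomes part of the query."""
    sql = f"SELECT hostname, enrollment_token FROM endpoints WHERE client_uid = '{client_uid}'"
    return db.execute(sql).fetchall()


def lookup_fixed(db: sqlite3.Connection, client_uid: str) -> list:
    """Parameterized: the driver sends the value separately from the statement, so
    quotes and keywords inside it can never change the query's structure."""
    sql = "SELECT hostname, enrollment_token FROM endpoints WHERE client_uid = ?"
    return db.execute(sql, (client_uid,)).fetchall()


# Tautology: turns the WHERE clause into "client_uid = '' OR '1'='1'" and dumps every row.
PAYLOAD_TAUTOLOGY = "' OR '1'='1"

# UNION: appends a second SELECT against the schema catalog; "--" comments out the
# closing quote the template adds. Two columns to match the original projection.
PAYLOAD_UNION = "' UNION SELECT name, sql FROM sqlite_master -- "


if __name__ == "__main__":
    db = make_db()
    print("legit lookup:      ", lookup_vulnerable(db, "c0ffee01"))
    print("tautology, vuln:   ", lookup_vulnerable(db, PAYLOAD_TAUTOLOGY))
    print("union, vuln:       ", lookup_vulnerable(db, PAYLOAD_UNION))
    print("tautology, fixed:  ", lookup_fixed(db, PAYLOAD_TAUTOLOGY))
    print("union, fixed:      ", lookup_fixed(db, PAYLOAD_UNION))
```

The fix is one line, which is why the operational advice in the show notes is about patch speed rather than mitigation: there is no configuration that makes string-built SQL safe, and a pre-authentication path means network exposure alone is the precondition. While the patch rolls out, the same two payload shapes are what to grep for in the EMS web server's request logs.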


Full Transcript


Jordan: APT41 just dropped a backdoor with zero antivirus detections targeting your AWS, Azure, GCP, and Alibaba Cloud credentials simultaneously. If that sentence doesn't make you put down your coffee, I don't know what will.

Alex: It's Tuesday, April 14th, 2026. Welcome to Cleartext. I'm Alex Chen.

Jordan: And I'm Jordan Reeves.

Alex: Today we have a dense one. APT41's new cloud credential harvester, the FBI taking down a major phishing-as-a-service operation, an Adobe zero-day that's been burning since December, a Fortinet critical at CVSS 9.1, and a supply-chain breach at Anodot that's got ShinyHunters extorting Rockstar Games and a dozen other enterprise names. We'll also get into the CSA's AI vulnerability storm warning and what 29 million leaked secrets in a single year actually means for how you're managing AI agent credentials. A lot to get through. Let's move.

Jordan: Let's start with APT41, because this is the story that should be sitting in front of your board before the end of the week. The group — China-state-sponsored, prolific, financially and espionage-motivated simultaneously — has deployed a new backdoor that is currently achieving zero antivirus detections. Not low detections. Zero. And it is purpose-built to harvest credentials across AWS, Google Cloud, Azure, and Alibaba Cloud in the same campaign. The C2 traffic is disguised through typosquatting domains, which means your network monitoring tools are likely going to miss it unless you're doing something more sophisticated than signature matching.

Alex: The business implication here is straightforward and severe. Cloud credentials are the keys to your kingdom. This isn't an attacker trying to get a foothold on a single endpoint — this is someone going directly for the identity layer of your entire cloud infrastructure. If they get valid IAM credentials, they can exfiltrate data, pivot laterally, spin up resources, and cover their tracks, all within your own environment's legitimate API calls. The detection problem is real. Traditional AV is useless here. What you need immediately is an audit of your cloud IAM posture — who has what, what's over-permissioned, where are credentials stored, are you rotating them, and do you have behavioral anomaly detection on your cloud control planes.

Jordan: And the Alibaba Cloud targeting is worth noting specifically. This tells you APT41 is operating globally and thinking about supply chain access — companies with Chinese market presence or partners using Alibaba Cloud infrastructure are now explicitly in scope. This isn't a US-only problem.

Alex: From APT41 to a different kind of adversary operation — the FBI and Indonesian authorities have taken down the W3LL phishing-as-a-service platform and arrested the alleged developer. W3LL is significant because it was industrialized MFA bypass. Seventeen thousand victims, over twenty million dollars in fraud attempts, and the platform was specifically engineered to intercept MFA tokens in real time. The reason this matters to your organization even after the takedown is twofold. First, check whether you were targeted — the FBI will likely be notifying victims through standard channels. Second, W3LL is a symptom, not the disease. These phishing kit marketplaces proliferate. Taking one down is meaningful, but the capability is now well understood by criminal actors and will be replicated.

Jordan: The MFA bypass piece is the key technical takeaway. A lot of boards feel comfortable when they hear their organization has MFA deployed. What they need to understand is that SMS and push-based MFA are now routinely defeated by adversary-in-the-middle platforms like W3LL. Phishing-resistant authentication — FIDO2, hardware keys, passkeys — is no longer aspirational. It's a gap you can quantify and defend in a budget conversation.

Alex: Now, Adobe. CVE-2026-34621. Emergency out-of-band patch for Acrobat and Reader, actively exploited since at least December 2025. It's on CISA's KEV list. This has been burning for four months before Adobe shipped a fix. The attack vector is a malicious PDF — which means any employee opening an email attachment is a potential entry point.

Jordan: Patch it today. Not this sprint, not this week's change window. Today. Adobe Acrobat and Reader exist on virtually every enterprise endpoint. This is as close to universal exposure as it gets, and the fact that active exploitation predates the patch by four months means threat actors have had a meaningful head start. Check your EDR telemetry going back to December for anything touching Acrobat processes abnormally.

Alex: And right alongside it, CISA added six vulnerabilities to the KEV catalog this week, including CVE-2026-21643 — a CVSS 9.1 SQL injection in Fortinet FortiClient EMS. Unauthenticated attacker, remote exploitation, confirmed active exploitation in the wild. If you're running FortiClient EMS, that goes into the same emergency patch bucket as the Adobe zero-day. No exceptions.

Jordan: Fortinet vulnerabilities have been a persistent theme over the past eighteen months. At this point, if you're running Fortinet infrastructure and you don't have a near-real-time patching process for their products specifically, that's a structural gap that needs a structural fix.

Alex: Let's talk supply chain, because we have two stories that belong together. Anodot, a cloud analytics platform, was breached, and the blast radius hit over a dozen enterprise customers. ShinyHunters — the same group behind several high-profile breaches — is now extorting those companies. Rockstar Games is the named victim getting the most coverage, but the more important question for every CISO listening is: what does your cloud analytics vendor have access to, and what's your contractual and technical ability to limit that access?

Jordan: SaaS analytics vendors are a category that routinely gets under-examined in third-party risk programs. They sit on top of your data lakes, your telemetry, your business metrics. The data access is broad by design — that's the product. Anodot is a wake-up call that the aggregator sitting above your data is itself a target. And separately, the Booking.com breach this week — customer reservation data, names, emails, phone numbers — is a reminder that travel and expense platforms used by your employees are also attack surface. The social engineering follow-on from that kind of data is predictable and dangerous.

Alex: Now the forward-looking piece, and this is where we want to spend a few minutes because it connects several threads we've been watching. The Cloud Security Alliance issued a formal warning this week about what they're calling an AI vulnerability storm, specifically triggered by the capabilities introduced with Anthropic's Claude Mythos. The argument is that AI models are now capable of discovering exploitable vulnerabilities at a speed that exceeds any organization's ability to remediate them. CSA is recommending CISOs invest in patch orchestration, virtual patching, and behavior-based controls as compensating measures.

Jordan: I take this seriously, and here's why. The academic research on AI-assisted vulnerability discovery has been accelerating sharply. We're past the point of theoretical. The practical implication is that the window between vulnerability existence and active exploitation is going to compress significantly. The CVD process, your patch cycles, your risk acceptance timelines — all of those were calibrated for a world where finding and weaponizing a vulnerability took human time. That assumption is breaking.

Alex: And the GitGuardian data released this week puts a number on a related problem. 28.6 million secrets exposed in public GitHub commits in 2025. Up 34 percent year over year. The single largest annual increase ever recorded. And the driver is AI agent credentials. As organizations spin up agentic workflows — AI systems authenticating to LLMs, to databases, to SaaS APIs, to cloud resources — those credentials are being hardcoded, committed to repos, and leaked at scale. Your secrets management governance almost certainly wasn't designed for this. It needs to be retrofitted explicitly for AI service accounts before the AI agent sprawl in your environment gets ahead of you.

Jordan: This is the week's theme, if you're looking for one. The attack surface is expanding faster than the governance frameworks we built to manage it. Cloud credentials, AI agent identities, SaaS dependencies, third-party data access — these are all converging. The organizations that get ahead of this are the ones that stop treating each of these as isolated problems and start treating identity and access governance as a unified, continuous program.

Alex: What we're watching the rest of this week: whether the APT41 indicators get broader sharing through ISACs, any attribution clarity on the Anodot breach, and whether CISA issues additional guidance on the Fortinet SQL injection given the criticality score.

Jordan: And whether any more W3LL victim notifications surface. If you haven't checked with your threat intel contacts on that, now is the time.

Alex: That's Cleartext for Tuesday, April 14th. If this was useful, share it with a peer who needs it. We're back tomorrow. Stay sharp.


Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-04-14.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.