In today’s Cybersecurity Daily, we break down the most critical cyber threats impacting April 2026. OpenAI revokes its macOS signing certificate after the Axios supply chain compromise exposed risks to software-signing pipelines, highlighting how deeply modern attacks can reach into trusted development workflows.

We also cover an actively exploited Adobe Acrobat Reader vulnerability (CVE-2026-34621) that enables remote code execution through malicious PDFs, alongside a rapidly exploited Marimo pre-auth RCE flaw where attackers began harvesting secrets within hours of disclosure.

On the threat actor side, we analyze North Korea’s APT37 campaign, using Facebook, Messenger, and Telegram to deliver RokRAT malware through a trojanized PDF viewer—showing how social ...