IT-Security Weekend 2026
Published on 2026-04-27 00:00 by Lukas S.

The past few weeks have shown how quickly the threat landscape in the software world changes. We responded to this — with an entire weekend dedicated to one topic: security.

Three Weeks. Three Wake-Up Calls.

If you work in the software industry, April 2026 was quite eventful. Three major security stories occurred in quick succession, and each one tells a different version of the same uncomfortable truth.

It began on April 8, when Anthropic announced that Claude Mythos Preview, its newest frontier model, will not be released publicly. The reason sounds almost surreal: the model is too good at finding critical vulnerabilities in operating systems and browsers. Instead of a public release, Anthropic is giving access only to a small group of partners through the initiative "Project Glasswing", so that defenders can close gaps before attackers catch up. If you want to see the whole story, here is a brief explanation.

A few days later, the axios npm package was hijacked. Versions 1.14.1 and 0.30.4 of a package that is downloaded 70 to 100 million times per week were poisoned with a remote access trojan, traced back to a state-backed North Korean group called Sapphire Sleet. Anyone who ran `npm install` at the wrong moment ran their code. Two to three hours of dwell time passed before anyone even noticed.

Then, on April 18, Vercel disclosed a breach, although nobody hacked Vercel directly. An employee of a small AI tool called Context AI picked up infostealer malware on his laptop. That handed the attackers a Google Workspace OAuth token. This token opened the way into Vercel's internal systems. In the end, customer credentials and source code ended up for sale in a hacker forum for 2 million dollars. A laptop. Two companies removed. One of the largest hosting providers on the web still ended up in the blast radius.

When you look at the chain in each of these stories, none of them start where you would expect. The Anthropic story is about how cyber capabilities diffuse out of AI labs. The axios story shows how trust in package registries is crumbling. The Vercel story revolves around a single laptop, two companies removed from the actual victim. The pattern is unmistakable: the attack vectors are becoming subtler, more indirect, and harder to detect. And the impacts hit entire industries simultaneously.

Our Weekend

We didn't want to wait until the issue caught up with us. So we cleared the calendar and conducted an entire security workshop weekend — the IT Security Weekend 2026. It wasn't about "creating awareness" — awareness was never the problem. It was about clearly identifying where our specific vulnerabilities lie and having real changes live by Monday.

The weekend wasn't just work. We spent time together at the beach, had dinner together in the evenings, and laughed a lot, and this mix was important. In the end, security is a team issue, and a team that knows each other well reacts differently when things get serious.

A central component was our internal security test, which everyone on the team completed. The test walks through practical scenarios (phishing attempts, handling secrets, recognizing suspicious OAuth requests, working safely with dependencies) and reveals where the team still has blind spots. The result is not filed away in a cabinet; it determines where we sharpen up over the coming weeks. The full test is available in our Security Test Document.

We have broken down the substantive discussion into three sources of risk, and they closely reflect the three stories mentioned above.

The first is the developer's device. This is the Vercel story. A single compromised laptop is enough to destabilize an entire infrastructure provider. The phrase "it's just my personal computer" no longer works once that computer has production access, stores OAuth tokens, or holds a session cookie for something important.

The second is the source code. Clean code is no longer just a matter of quality; it's also a matter of security. We standardize a security-first coding baseline to ensure vulnerabilities don't make it to production. Code review for security, not just for style. Secrets out of the repos. Defaults that fail closed rather than open when in doubt.

The third is external software. This is the axios lesson. The more you build and host yourself, the more valuable you become as a target. Where it makes sense, we want to rely on standardized, security-verified software instead of pulling in a random open-source package that just gets the job done the fastest. Every dependency is a trust decision.
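As an added illustration (not part of the original post and not the tooling described here), a lockfile check for the two axios versions named above, covering both the flat `packages` layout and the older nested `dependencies` tree. The function names and the sample lockfile are constructed for this example.

```javascript
// Added example: denylist holds only the two axios versions named in this post.
const DENYLIST = new Map([["axios", new Set(["1.14.1", "0.30.4"])]]);
const NM = "node_modules/";

function isBad(name, version) {
  return DENYLIST.get(name)?.has(version) === true;
}

// Lockfile v2/v3: flat "packages" map keyed by install path.
function scanPackages(packages, hits) {
  for (const [path, meta] of Object.entries(packages)) {
    if (path === "") continue; // root project entry
    const i = path.lastIndexOf(NM);
    // An aliased install carries the real package name in "name".
    const name = meta.name || (i >= 0 ? path.slice(i + NM.length) : path);
    if (isBad(name, meta.version)) hits.push({ name, version: meta.version, path });
  }
}

// Lockfile v1: nested "dependencies" tree, so recurse into each node.
function scanTree(deps, trail, hits) {
  for (const [name, meta] of Object.entries(deps || {})) {
    const chain = [...trail, name];
    if (isBad(name, meta.version)) {
      hits.push({ name, version: meta.version, path: chain.join(" > ") });
    }
    scanTree(meta.dependencies, chain, hits);
  }
}

function findCompromised(lock) {
  const hits = [];
  if (lock.packages) scanPackages(lock.packages, hits);
  else scanTree(lock.dependencies, [], hits);
  return hits;
}

// Constructed sample lockfile (not from a real project).
const SAMPLE_LOCK = JSON.parse(`{
  "name": "demo-app", "lockfileVersion": 3,
  "packages": {
    "": { "name": "demo-app", "version": "1.0.0" },
    "node_modules/axios": { "version": "1.13.0" },
    "node_modules/some-sdk": { "version": "2.0.0" },
    "node_modules/some-sdk/node_modules/axios": { "version": "0.30.4" },
    "node_modules/http-alias": { "name": "axios", "version": "1.14.1" }
  }
}`);
console.log(findCompromised(SAMPLE_LOCK));
```

The sample shows why checking only the top-level dependency is not enough: the direct axios install is clean, while the hits come from a transitive copy and an aliased install. In a pipeline, parse the real `package-lock.json` and fail the job when the returned list is non-empty.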

What we have implemented

We didn't just talk. By the end of the IT Security Weekend 2026, three concrete things were live.

A practical hardening playbook, coordinated across all teams — disk encryption, OS firewalls, browser isolation, reviews of OAuth permissions, and clear principles for handling secrets on local machines. Additionally, security checks directly in the development workflow, instead of being tacked on at the end — dependency scanning, secret scanning, and signed commits run before code can even be merged.

However, the biggest leverage is our step in device management.

JumpCloud MDM: active device tracking instead of passive inventory list

We rolled out JumpCloud MDM on every company device, and this is considerably more than a classic MDM setup. Classic MDM knows which device belongs to which person and whether it is encrypted. That's usually about it.

JumpCloud goes noticeably further. The system continuously scans the devices and builds a risk profile per employee, not just per machine. Over time it learns how a particular employee normally works: which programs run, which networks are used, which login patterns are typical. As soon as a device deviates from that (unusual processes, new software from unexpected sources, login attempts at odd times, or suspicious network activity), the system automatically raises an alarm and alerts those responsible immediately.

This is exactly the mechanism that would have made the difference at Vercel. An infostealer on an employee's laptop doesn't stand out due to a single loud signal — it stands out due to a pattern that deviates from normal behavior. JumpCloud automatically detects exactly that, instead of waiting for someone to stumble upon it by chance.

Specifically, this means: outdated OS, missing encryption, unknown software, or suspicious traffic are not only visible at the next audit — but at the moment they occur.

Honors

An honest shoutout to Ari and Christian, who passed the entire security test without a single mistake. This sets the bar for the rest of us.

The Conclusion

If your team hasn't had a weekend like this in 2026 yet, don't wait until the next breach forces you to. The threat model has shifted, and the costs of catching up later are no longer theoretical: right now, real companies' data is sitting in real hacker forums, with price tags in the millions.

The hardest part of security is not choosing the right tools. It is accepting that the way you worked last year is no longer safe today — and then quickly changing how you work.

Lukas S.

Managing Director