Security Report – 17 Apr 2026


Cyber attacks are becoming more common, and small businesses are often targeted because problems can be harder to spot early. Most businesses rely on laptops, phones, email and cloud systems, but it’s not easy to see what’s happening across all of them at once.

Often, small business owners don’t realise something is wrong until systems stop working, emails are compromised, or customer data is affected. This is why it’s important to know whether your IT provider is actively monitoring your systems.

A SIEM system acts like a central dashboard that watches your IT environment and looks for anything unusual. It brings information from different systems together and helps flag warning signs early, instead of relying on someone noticing a problem after the damage is done.

As a small business owner, it’s worth asking your IT provider: “Are you using a SIEM system to monitor my business?” Knowing the answer can help you reduce surprises, respond faster to issues, and better protect your business, customers and reputation, without needing to be a technology expert.

Recent Breaches

United States – Google Chrome – Technology 

Exploit: Zero-day vulnerability

Risk to Business: Moderate

Google has confirmed another zero-day vulnerability in its Chrome web browser that is actively being exploited in the wild. Tracked as CVE-2026-5281, the flaw is a use-after-free vulnerability in Chrome’s Dawn WebGPU implementation. Successful exploitation of this vulnerability could allow a remote attacker who has compromised the renderer process to execute arbitrary code through a crafted HTML page, putting billions of users at risk. Zero-day vulnerabilities are becoming increasingly frequent in Chrome, with this marking the fourth such flaw patched by Google in the first four months of the year.

United States – Microsoft – Technology 

Exploit: Phishing

Risk to Business: Moderate

Microsoft has revealed that hundreds of organisations across all sectors worldwide are being compromised daily through a large-scale phishing campaign that leverages the device code authentication flow. The campaign uses AI and automation throughout the attack chain to compromise corporate email accounts and steal data. Threat actors begin by querying Microsoft’s GetCredentialType API to verify whether targeted email addresses are valid and active. They then use AI to craft highly personalised phishing emails tailored to the recipient’s role, often including malicious attachments or links. To evade detection, attackers avoid linking directly to phishing sites and instead route victims through multiple redirects using compromised legitimate domains and trusted platforms such as Railway, Cloudflare Workers, DigitalOcean and AWS Lambda. The final page mimics a browser window, prompting users to verify their identity via a button that redirects them to Microsoft.com/devicelogin and displays the device code.
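As an added illustration (not part of the original report or any Microsoft material), this is the kind of rule a SIEM can run against the device code campaign described above: flag device code sign-ins by accounts that are not expected to use that flow, and highlight source addresses seen across several accounts. The sample records are constructed, and the field names and the allowlist are assumptions modelled on Microsoft Entra sign-in log exports.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample sign-in records (not real data). Field names are an
# assumption modelled on Entra sign-in log exports; errorCode 0 means success.
SAMPLE_SIGNINS = [
    {"createdDateTime": "2026-04-14T09:05:40Z", "userPrincipalName": "accounts@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.77", "errorCode": 0},
    {"createdDateTime": "2026-04-14T09:02:11Z", "userPrincipalName": "kiosk@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.10", "errorCode": 0},
    {"createdDateTime": "2026-04-14T09:06:02Z", "userPrincipalName": "owner@example.com",
     "authenticationProtocol": "oAuth2", "ipAddress": "198.51.100.10", "errorCode": 0},
    {"createdDateTime": "2026-04-14T09:20:31Z", "userPrincipalName": "Sales@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.77", "errorCode": 99999},
]

# Hypothetical allowlist: accounts that genuinely sign in from devices with no
# browser or keyboard (meeting-room screens, kiosks) and so need device codes.
EXPECTED_DEVICE_CODE_USERS = {"kiosk@example.com"}


def find_device_code_alerts(records, allowed_users=EXPECTED_DEVICE_CODE_USERS):
    """Return time-ordered alerts for device code sign-ins by unexpected users."""
    alerts = []
    for rec in records:
        if rec.get("authenticationProtocol", "").lower() != "devicecode":
            continue  # other protocols are out of scope for this rule
        user = rec.get("userPrincipalName", "").lower()
        if user in allowed_users:
            continue
        alerts.append({
            "time": datetime.strptime(rec["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ"),
            "user": user,
            "ip": rec.get("ipAddress"),
            # A completed sign-in means tokens were issued: treat as urgent.
            "severity": "high" if rec.get("errorCode") == 0 else "medium",
        })
    return sorted(alerts, key=lambda a: a["time"])


def shared_source_ips(alerts):
    """Return source IPs seen with more than one user, a sign of a campaign."""
    users_by_ip = defaultdict(set)
    for alert in alerts:
        users_by_ip[alert["ip"]].add(alert["user"])
    return sorted(ip for ip, users in users_by_ip.items() if len(users) > 1)


if __name__ == "__main__":
    found = find_device_code_alerts(SAMPLE_SIGNINS)
    for a in found:
        print(a["time"].isoformat(), a["severity"], a["user"], a["ip"])
    print("shared source IPs:", shared_source_ips(found))
```

Where no account needs device code sign-in, an empty allowlist makes every use of the flow an alert.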

Talk to a TCT team member today about implementing an IT strategy plan for your business.

Robert Brown
17/4/2026
