
🤠 cPanel's Two-Month Zero-Day, OpenAI Dumps Microsoft, and Earnings Punished Everyone But Google

Your weekly Tech tl;dr roundup 🤠


This is an IT Support Group

Weekly IT Roundup 🤠

cPanel was a zero-day for two months before the patch shipped. Microsoft and OpenAI broke up live on AWS's earnings call. And Wall Street punished every hyperscaler that announced more AI spending — except Google.

GM IT pros!

Happy Friday! Here's this week's IT roundup.

-Stetson

Tech News TL;DR

This week's IT and tech news in 5-minutes-ish or less

🔒 CYBER-SECURITY NIGHTMARES

Because sleep is overrated anyway...

🚨 cPanel was a zero-day for two months before the patch shipped
CVE-2026-41940, CVSS 9.8 CRLF-injection auth bypass — unauthenticated attackers flip user=root into their session file and own the entire shared host. Exploited in the wild since February 23. cPanel pushed the advisory and patch April 28; CISA added it to KEV April 30. Every shared-hosting provider on earth is in scramble mode this morning.

🛠️ ConnectWise ScreenConnect's two-year-old auth-bypass twin (CVE-2024-1708) hits the KEV list
CISA added it April 28 alongside CVE-2024-1709, with Microsoft tying active exploitation to China-linked Storm-1175 deploying Medusa ransomware. Federal patch deadline May 12. If you're an MSP still running an unpatched on-prem ScreenConnect in 2026, friend, we need to talk.

🪟 Windows Shell zero-click bug (CVE-2026-32202) confirmed exploited in the wild
Microsoft updated its advisory and CISA added the protection-mechanism-failure flaw to KEV April 28. Network spoofing via crafted shortcuts/files, no user interaction, ideal pre-ransomware staging. Feds have until May 12 to patch. The fact that "zero-click Windows" barely qualifies as news anymore says a lot.

🚢 ShinyHunters dump 8.7M Carnival/Holland America records after extortion deadline lapses
After Carnival declined to pay, ShinyHunters published the full Mariner Society dataset — 7.5M unique emails plus names, DOBs, gender, loyalty status. Carnival is publicly calling it "a single phished inbox." Sure. The cruise industry's threat model is apparently "hope for the best."

🏠 ADT confirms 5.5M-customer breach — vishing an Okta SSO account, then ransacking Salesforce
ShinyHunters socially-engineered an ADT employee's Okta MFA, pivoted to Salesforce, walked off with names, emails, phones, addresses, plus DOBs and partial SSNs for a subset. Detected April 20, confirmed this week. The home-security company that couldn't secure its own help desk.

☁️ CLOUD CHAOS

Where your data goes to party without you

💔 Microsoft and OpenAI tear up the exclusivity deal — AWS gets to resell GPT-5.5
April 28-29: Microsoft loses its OpenAI cloud monopoly, keeps a non-exclusive IP license through 2032 and a capped 20% rev share through 2030. OpenAI immediately announces a $100B AWS expansion on top of its existing $38B AWS deal. MSFT dropped 5.3% on the news. The seven-year lock-in is officially dead and Satya is still smiling through clenched teeth.

📈 AWS posts 28% growth — fastest in 15 quarters
Q1 revenue $37.6B, segment op income up 23% to $14.16B. Bedrock token volume in Q1 alone topped every prior year combined; customer Bedrock spend up 170% QoQ. Capex $44.2B — in one quarter. Whatever you're paying for EC2, it's funding three more data centers as we speak.

☁️ Google Cloud rips 63% growth, $20B revenue, $460B backlog
Cloud op income $6.6B at 32.9% margin (up from 17.8% a year ago). Backlog nearly doubled QoQ. Alphabet raised full-year capex guidance to $190B. The "third-place cloud" narrative is officially dead — and Google is the only one of the three hyperscalers Wall Street actually rewarded for its AI spend this week.

🐙 GitHub melts down for 48 hours — pull-request search and indexing broken across the platform
Started April 28 ~5pm UTC, stretched into April 30 with merge-queue corruption and disappearing PRs. Mitchell Hashimoto publicly announced Ghostty is leaving GitHub over reliability. When the de-facto source-of-truth for the planet's code goes wobbly for two days, your CI/CD strategy gets a free audit.

🏢 BUSINESS SHENANIGANS

Corporate chaos you need to know about

🍎 Apple posts record Q2: $111.2B revenue, $30.9B in Services, iPhone up 22%
First earnings call since Tim Cook's CEO-retirement announcement. Cook said supply constraints capped Mac and iPhone sales. June-quarter guide: 14-17% YoY growth. The Ternus era starts with the bar already set ridiculously high.

📊 Microsoft beats earnings, gets punished anyway — $190B capex guide spooks Street, stock -5.3%
Q3 FY26: $82.9B revenue, Azure back to 40% growth, AI run-rate $37B (up 123%). But CFO Amy Hood said memory-cost spikes are adding $25B to capex, and gross margin compressed to 67.6% — narrowest since 2022. The new MSFT pitch: "infinite AI demand, vanishing margins."

📉 Meta blows up its capex guide to $145B, stock -9% after-hours
Revenue beat at $56.3B (up 33%), but Zuck raised FY26 capex from $115-135B to $125-145B and confirmed 8,000 layoffs. Daily users declined for the first time ever. Of the four hyperscaler earnings this week, only Google convinced investors the AI spend was working.

🇨🇳 China formally blocks Meta's acquisition of AI agent startup Manus
April 27: China's foreign-investment security review office prohibited the deal outright. The AI cold war now has actual border checkpoints. Expect more of these.

🤖 AI TAKING OVER

Our future robot overlords are getting smarter

🧠 OpenAI ships GPT-5.5 — agentic workflows, multi-step reasoning, full document creation
GPT-5.5 Thinking on paid plans, GPT-5.5 Pro on Pro/Business/Enterprise/Edu. Same week, OpenAI launched Codex and Managed Agents on AWS Bedrock. "AI you can delegate to" is officially the new product category and every helpdesk runbook is suddenly a tier-1 use case.

🧪 Anthropic ships Claude Opus 4.7 with new "xhigh" reasoning tier
Better coding, sharper vision, self-checking. Claude Code shipped a major update with PowerShell fallback on Windows and ultrareview automation. Claude Managed Agents went into public beta. Meanwhile a still-unreleased "Mythos" preview is being tested with 11 select security companies.

⚡ Google ships Gemini 3.1 Pro, Gemma 4, Deep Research Max — and a Gemini app for macOS
Gemini 3 Flash is the new default in the consumer app; 3.1 Pro hits the API for "complex tasks." Google also confirmed a Gemini-powered Siri is coming later in 2026. Apple is quietly outsourcing the smart half of the iPhone.

⚖️ Musk vs. Altman trial opens — three weeks of OpenAI dirty laundry on public record
Musk took the stand April 28-29 in the lawsuit accusing Altman of betraying OpenAI's nonprofit charter. OpenAI's lawyer pressed Musk on whether he tried to take the company himself. Whatever the verdict, every internal email is potential discovery — which is its own security and PR nightmare.

🔧 MISC TECH MADNESS

The weird stuff that doesn't fit anywhere else

💻 Microsoft's KB5083769 puts some Windows 11 25H2 machines into unrecoverable boot loops
And Microsoft is simultaneously force-pushing 24H2 → 25H2 ahead of the October 13 EOS. So the upgrade you didn't ask for might brick you, and the rollback path is "reimage." Patch your fleet — but ring the canary group first.

🛒 eBay knocked offline by alleged DDoS — hacktivist group "313 Team" claims credit
Outage started late Sunday April 26 and ran into Monday. eBay won't confirm the cause; sellers spent the day refreshing dashboards. Ten years of "DDoS is a solved problem" later, and it's still very much not.

🐧 Linux kernel cryptographic-template flaw affects every distro — and was introduced in 2017
Newly disclosed kernel bug in cryptographic templates spans nine years of releases. Distro maintainers are scrambling for backports. Reminder: "many eyes" only works if the eyes are looking.

🥷 Shameless plug, zero regrets
Half the stories above are easier to triage if you're comfortable on a Linux box. Shell Samurai is hands-on Linux practice in your browser, no VM, no cloud credit card. Built for the Windows admin who keeps getting handed Linux work. shellsamurai.com


That's the roundup. Patch the cPanel boxes today, ring the canary group before letting KB5083769 anywhere near a fleet, and if you're an MSP still running on-prem ScreenConnect, the conversation we need to have is the one where you tell me how soon you're moving. Job board's at jobs.thisisanitsupportgroup.com if you're hiring or hunting.

Stay paranoid. Stay patched. See you next Friday 🤠

-Stetson