🤠 SharePoint Zero-Day, 80K Tech Jobs Gone, and an AI Is Already Hunting Bugs in Your OS

Sponsored by

This is an IT Support Group

Weekly IT Roundup 🤠

Microsoft’s monster Patch Tuesday, 80K tech jobs vaporized, and an AI is already hunting bugs in your OS

GM IT pros!

Happy Friday! Here’s this week’s IT roundup.

-Stetson

Tech News TL;DR

This week’s IT and tech news in 5-minutes-ish or less

🔒 CYBER-SECURITY NIGHTMARES

Because sleep is overrated anyway...

🪟 SharePoint Zero-Day Being Actively Exploited — 167 More CVEs Along for the Ride
Microsoft’s April Patch Tuesday arrived like a freight train: 167 vulnerabilities patched, including a SharePoint Server zero-day (CVE-2026-32201, CVSS 6.5) already being exploited in the wild via spoofing attacks. There’s also a second zero-day, CVE-2026-33825, a privilege escalation flaw in Microsoft Defender that was publicly disclosed on GitHub before the patch dropped. Yes, someone put the exploit on GitHub first. Classic. Read more

🛡️ CISA Piles On: Fortinet, Adobe, and Microsoft Exchange All Added to the Naughty List
CISA added 6 more flaws to its Known Exploited Vulnerabilities catalog this week — including a nasty SQL injection in Fortinet FortiClient EMS (CVSS 9.1), a use-after-free in Adobe Acrobat Reader, and an RCE flaw in Microsoft Exchange Server. Federal agencies have until April 27 to patch. The rest of us have until “oh no, too late.” Read more

🔗 Supply Chain Attack Hits Trivy, Axios, and LiteLLM — Your CI/CD Pipeline Is a Target
Attackers compromised maintainer accounts across npm, PyPI, and GitHub Actions to inject malicious code into Trivy, Axios, and LiteLLM — tools sitting inside thousands of CI/CD pipelines. The code executed automatically on build. If you haven’t audited your pipeline dependencies lately, now would be a great time to have a small existential crisis about it. Read more

🏥 Ransomware Group Anubis Claims 2TB of Patient Data From Signature Healthcare
Signature Healthcare in Massachusetts is still diverting ambulances and running on paper charts after a ransomware hit. Threat group Anubis is claiming 2 terabytes of patient data stolen. Healthcare + ransomware continues to be the most exhausting trend in cybersecurity. Read more

🦠 Cisco Patches Four Critical Flaws in Webex and Identity Services Engine
Cisco dropped patches for four critical vulnerabilities including a CVSS 9.9 in their Identity Services Engine (ISE) and a CVSS 9.8 in Webex Services. If your org uses either product — and many of you do — patch this week, not next week. Read more

🚨 SPONSORED: The AI Hunting Bugs in Your OS Right Now

Anthropic quietly dropped one of the most significant cybersecurity announcements in years — and most IT folks still haven’t heard about it.

Their new AI model, Mythos, is so powerful at finding software vulnerabilities that Anthropic is not releasing it to the public. Instead, they’re only giving access to a handful of partners (Amazon, Apple, Microsoft, CrowdStrike, Cisco...) through something called Project Glasswing.

Why does that matter to you? Because Mythos has already found high-severity vulnerabilities in every major operating system and web browser. The gap between how fast AI can find flaws and how fast companies can patch them is widening — fast.

Field Effect is hosting a free webinar on April 23rd to break down exactly what this means for your organization’s security posture. They’re getting technical, so bring your Security and IT leads.

📅 Thursday, April 23 | 1:00 PM ET
👉 Register here → get.fieldeffect.com/webinar-mythos-project-glasswing

☁️ CLOUD CHAOS

Where your data goes to party without you

🇪🇺 AWS and Azure Under EU Investigation — Google Cloud Gets a Pass (For Now)
The European Union is investigating AWS and Azure under the Digital Markets Act for their roles in widespread outages. Google Cloud somehow escaped this round of regulatory scrutiny. Nothing says “we’ve made it” like being too big to fail and too important to let the government ignore you. Read more

⚡ Forrester Predicts Two Major Multi-Day Cloud Outages in 2026 — Thanks, AI
Hyperscalers are diverting investment away from boring-but-reliable x86 infrastructure to build shiny GPU data centers for AI workloads. Forrester’s prediction: at least two major multi-day cloud outages in 2026 as that aging legacy infrastructure buckles under the pressure. Your incident response plan better include “cloud is down for a week.” Read more

☁️ Multi-Cloud Isn’t Optional Anymore — 86% of Orgs Have Already Made the Jump
86% of organizations have adopted multi-cloud strategies specifically for resilience, and it’s becoming clear why. Between AWS, Azure, and Google Cloud logging 100+ combined outages in a single year, putting all your eggs in one hyperscaler basket is officially a career-limiting move. Read more

🏢 BUSINESS SHENANIGANS

Corporate chaos you need to know about

🏛️ Oracle Laying Off Up to 30,000 People — New CFO Gets $26M Equity Package to Soften the News
Oracle cut thousands on March 31 and is reportedly targeting up to 30,000 total layoffs to free up $8-10 billion in cash flow for AI infrastructure spending. Meanwhile, their incoming CFO was handed a $26 million equity grant. The “we’re a family” emails must have gotten lost in the mail. Read more

🪨 Atlassian Cuts 10% of Workforce — Because Jira Can Now Resolve Its Own Tickets Apparently
Atlassian is eliminating 1,600 roles — about 10% of its global headcount — with AI agents handling the support and ticket-resolution work those humans used to do. The irony of a company best known for its IT project management tools using AI to fire its IT workers is not lost on us. Read more

🤖 78,000 Tech Workers Laid Off in Q1 2026 — Nearly Half Blamed Directly on AI
The tech industry shed 78,557 jobs in Q1 alone, with 47.9% of those cuts officially attributed to AI automation replacing human workers. Legacy companies like Oracle, Dell, and Intel are gutting traditional roles to fund AI buildouts, while AI-native companies keep hiring. Cool transition, totally not terrifying. Read more

📊 Enterprise Software Giants Lost 20-40% of Market Value in Early 2026
Six of the world’s largest enterprise software vendors have shed 20-40% of their market value in the opening months of 2026 as investors panic over AI disruption, bloated payrolls, and shrinking margins. The audit defense arms race is real — and expensive. Read more

🤖 AI TAKING OVER

Our future robot overlords are getting smarter

🔧 AI Agents Now Auto-Resolve 80% of IT Support Requests — Your Help Desk Just Got Complicated
Analysts report AI agents are autonomously resolving more than 80% of IT support requests at organizations that have deployed them, cutting ITSM costs by up to 50%. For large enterprises, that’s potentially $5 million in annual savings. For IT support professionals: start brushing up on the things AI still can’t do, like explaining to a VP why their printer is on the wrong network. Read more

📦 Anthropic’s MCP Protocol Hits 97 Million Installs — It’s Now Enterprise Infrastructure
Anthropic’s Model Context Protocol crossed 97 million installs in March 2026. Every major AI vendor now ships MCP-compatible tooling, and it’s become the default way AI agents connect to external tools, APIs, and data. If you haven’t started thinking about MCP governance in your environment, someone else on your team probably has. Read more

💰 OpenAI Surpasses $25B in Annualized Revenue — Enterprise Is Now 40% of the Pie
OpenAI crossed $25 billion in annualized revenue with enterprise making up over 40% — and growing fast. Anthropic is sitting at $19 billion ARR. The message is clear: enterprise AI adoption isn’t in the “exploring” phase anymore. It’s a line item on the P&L and your executives are already asking why you haven’t implemented it yet. Read more

🧠 Google Drops Gemini 3.1 Ultra With a 2-Million Token Context Window
Google launched Gemini 3.1 Ultra, featuring a 2-million token context window that works natively across text, image, audio, and video. Translation: it can eat an entire enterprise knowledge base in one sitting. The model arms race continues and your vendor is about to send you a pitch deck about it. Read more

🔧 MISC TECH MADNESS

The weird stuff that doesn’t fit anywhere else

🥖 France Is Ditching Windows for Linux on 2.5 Million Government PCs
The French government announced a plan to migrate 2.5 million civil servant workstations from Windows to Linux as part of a digital sovereignty push. Each ministry must submit a transition roadmap by autumn 2026. Full deployment expected by 2030. France said “non” to Microsoft and honestly, the sysadmins responsible for that migration deserve hazard pay. Read more

🍓 Raspberry Pi OS April 2026 Update: Passwordless Sudo Disabled by Default
The latest Raspberry Pi OS dropped this week with a significantly improved Control Center app and — finally — passwordless sudo disabled by default. Other updates include Chromium enhancements and a heap of quality-of-life improvements. Security defaults improving on a $35 computer faster than on enterprise servers is the kind of thing you share at the help desk for morale. Read more

📊 💰 2026 IT Salary Survey — Are You Being Paid Fairly?
Speaking of morale — we launched our 2026 IT Support Salary Survey. It’s anonymous, takes 3 minutes, and by filling it out you’ll get a copy of the full results once the survey

In a World of AI Agents: Intent > Identity

AI-powered bots aren’t just logging in anymore. They’re mimicking real users, slipping past identity checks, and scaling attacks faster than ever.

Thousands of companies worldwide trust hCaptcha to protect their online services from automated threats while preserving user privacy.

Now is the time to take control of your security.

Book a demo today.

closes. We want to make real salary data open and accessible to IT pros everywhere. Take the survey here →

That’s the roundup for this week. Stay patched, stay caffeinated, and for the love of all things holy — don’t skip that SharePoint update.

Stay paranoid. Stay patched. See you next Friday 🤠

-Stetson