Tech Brief
May 5, 2026
Your morning roundup of the most relevant technology and AI news. Curated by 312 IT Consulting.
It's National Small Business Week, and the news cycle is reinforcing the message: small and mid-size businesses are squarely in the crosshairs of today's biggest cyber threats — from a fresh SharePoint zero-day to SaaS-targeted vishing rings — while AI productivity tools keep getting cheaper and easier to deploy. Here's what Chicagoland operators should know this morning.
Microsoft SharePoint zero-day under active exploit — 1,300+ servers vulnerable to remote code execution
Researchers disclosed a zero-day vulnerability in Microsoft SharePoint that allows unauthenticated remote code execution, with active exploitation observed against more than 1,300 internet-facing servers. SharePoint administrators are being urged to apply Microsoft's emergency patch immediately and review logs for indicators of compromise. The flaw is being chained with credential-stealing payloads to give attackers persistent access to document libraries and connected Microsoft 365 tenants.
Why it matters for your business: Many Chicagoland SMBs run on-prem or hybrid SharePoint for document collaboration, and on-prem instances are exactly the targets attackers are scanning for right now. If your team uses SharePoint Server (not just SharePoint Online), pause everything else and confirm the patch is applied today. Even SharePoint Online customers should review external sharing settings and audit logs. If you don't know whether your SharePoint is exposed to the internet, that's the first question to answer — our small-business cybersecurity checklist walks through where to look.
Read more on The Hacker News →CISA's Known Exploited Vulnerabilities catalog hits May 4 federal patch deadline — eight flaws now under attack
The Cybersecurity and Infrastructure Security Agency added eight actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog last month with patching deadlines of April 23 and May 4. Federal agencies were required to remediate by yesterday, and CISA is urging private sector organizations — including small and mid-size businesses — to use the same list as a forced-priority queue for their own patch programs.
Why it matters for your business: The KEV catalog is the closest thing to a free, government-curated "patch this first" list that exists. Most SMB IT teams are drowning in CVEs and don't have the time to triage; the KEV cuts that work down to a few dozen flaws per month that are actually being exploited in the wild. Take 15 minutes today to scan it for any product your business runs (firewalls, VPNs, file servers, browsers, plugins) and confirm you're patched. If your IT vendor isn't already mapping their work to KEV, ask them why not.
View the KEV catalog →"Cordial Spider" and "Snarky Spider" target SaaS environments with voice phishing and SSO hijacking
Two cybercrime groups tracked as Cordial Spider and Snarky Spider are running rapid, high-impact campaigns against SaaS-heavy organizations, according to threat intelligence published this week. The crews call employees, impersonate IT support, and direct them to malicious SSO-themed login pages. Once they capture credentials and MFA tokens, they pivot directly into Microsoft 365, Salesforce, Google Workspace, and other SSO-integrated apps — often staging data theft and extortion within hours.
Why it matters for your business: If your business runs on cloud SaaS — and most Chicago SMBs do — your single sign-on provider is now a top-tier target. Three things to verify this week: every employee knows your help desk will never call them and ask for MFA codes; your identity provider (Okta, Microsoft Entra, Google) has phishing-resistant MFA enabled (passkeys or FIDO2 keys, not just SMS or push); and you have alerting on impossible-travel and atypical login patterns. Book a quick call if you want help reviewing your SSO posture.
Read the threat roundup →Google Workspace ships MCP server, conversational data analysis in Sheets, and faster Microsoft 365 migration
Google began the gradual rollout of its Workspace MCP server on May 1, alongside a wave of Gemini-powered features announced at Google Cloud Next 2026: conversational data analysis directly inside Sheets, expanded automated meeting notes, reusable AI automation skills, and a five-times-faster migration path from Microsoft 365 with an AI-driven Office macro converter. Office file editing in Gmail and redlining in Docs round out the cross-platform improvements.
Why it matters for your business: Two practical takeaways. First, if you've been on the fence about Workspace because of past pain migrating off Microsoft 365 macros and Excel files, the new tooling materially lowers that barrier — it's worth a fresh look. Second, the MCP server is a quiet but important shift: it lets AI agents (yours or third-party) read and act on your Workspace data through a standardized interface, which is going to make automation projects much cheaper to build over the next 6–12 months. We cover the trade-offs in our Microsoft 365 vs. Google Workspace comparison.
See the Workspace recap →IBM to open innovation hub at Illinois Quantum and Microelectronics Park, bringing 750 jobs to Chicago
IBM announced plans to open a new innovation hub at the Illinois Quantum and Microelectronics Park on Chicago's South Side, anchoring the city's emerging quantum corridor with 750 new jobs and an apprenticeship pipeline. The investment reinforces Illinois's bet on becoming a national center for quantum computing, advanced microelectronics, and AI infrastructure — and follows recent commitments from PsiQuantum and others at the same site.
Why it matters for your business: You don't need to be a quantum researcher to benefit from this. Hubs like this one tend to pull in talent, supplier ecosystems, and venture capital that ripple out into Chicagoland's broader tech economy. For local SMBs, that means deeper hiring pools, more contracting opportunities (IBM's apprenticeship and partner programs are open to area businesses), and a higher bar of digital sophistication that customers will start to expect. If you're a Chicagoland business thinking about how to modernize, this is a good week to put a stake in the ground — our Chicago IT consulting team works with companies across the region.
Read the IBM announcement →National Small Business Week kicks off — FTC and NIST host free SMB cybersecurity webinar today at 2 PM ET
National Small Business Week is underway, and the Federal Trade Commission and National Institute of Standards and Technology are hosting a free webinar today, May 5 at 2 PM ET, titled "Building Your Small Business Cybersecurity Team: From In-House to Outsourcing." The session covers how to right-size a security program for a small business, when to hire vs. outsource, and how to use NIST's Small Business Cybersecurity Corner resources.
Why it matters for your business: Most SMB owners we talk to know they need better cybersecurity but don't know where to start or how to budget for it. This webinar is a practical, vendor-neutral starting point — and it's free. Block 90 minutes on your calendar this afternoon and have whoever owns IT (in-house or outsourced) attend with you. If, after watching, you want a second opinion on whether your current setup is right-sized, give us a call at (224) 382-4084.
Read the FTC alert →Need help navigating these changes?
312 IT Consulting helps small and mid-size businesses in Chicagoland cut through the noise and implement technology that actually moves the needle. Call us at (224) 382-4084 or book a free consultation.
Book a Free Consultation