The Easter Escalation

This Week in Brief

A browser zero-day hitting 3.5 billion users. A US fighter jet shot down over Iran. Russia stalling for the first time in years. And the Epstein fallout reaching all the way to a Nordic royal palace. Week 14 was not quiet.

Security

Chrome Zero-Day #4 — Update Now

Google patched CVE-2026-5281, the fourth Chrome zero-day this year, confirmed actively exploited in the wild. 3.5 billion users affected. Update Chrome immediately: Settings > Help > About Google Chrome.

TrueConf Zero-Day — Chinese APT

CVE-2026-3502, a zero-day in the video conferencing platform TrueConf, was exploited by a Chinese threat actor against an Asian government. If your org uses TrueConf, patch or isolate immediately.

FBI Breach Labelled “Major Incident”

The FBI notified Congress of a significant data breach, officially classified as a major incident. China-linked hackers are suspected. Details remain classified but the scale prompted mandatory Congressional notification.

Next.js Auth Bypass — 766 Hosts Compromised

CVE-2025-55182 is being actively exploited against Next.js deployments. Attackers stole credentials from 766 hosts, using a C2 panel called “NEXUS Listener.” If you run Next.js, check your version, patch is available.

Ransomware Roundup

• Die Linke (German democratic socialist party) confirmed data stolen by Qilin ransomware. Attack occurred March 27, data now threatened for release.
• Land Bank (South Africa) hit by ransomware, unable to table its corporate plan to parliament.

AI as Attack Surface

Microsoft published research this week confirming what many suspected: threat actors have moved beyond using AI as a tool, it’s now becoming an active attack surface. Credential theft via AI APIs, prompt injection in enterprise deployments, and LLM supply-chain attacks are all accelerating.

Conflicts

Iran-US War: Escalation

The week’s biggest story. Iran downed two US military aircraft in what US officials confirmed. A search and rescue operation was launched for at least one missing crew member. Iran’s Revolutionary Guard vowed continued strikes if US-Israeli operations continue. The White House submitted a $1.5 trillion defence budget request.

Meanwhile: Austria blocked US military aircraft from using its airspace, the latest European nation distancing itself from Trump’s Iran campaign. Over 100 US legal experts signed a letter calling the strikes a potential violation of international law.

Ukraine: Russia Finally Stalls

For the first time since 2023, Russia recorded near-zero territorial gains in March, per ISW analysis. Ukraine’s drone production is scaling, and Zelenskyy says the frontline is in its best shape in 10 months. Russia responded with a massive Easter missile and drone attack, killing at least 8 civilians.

Nordic Watch

Mette-Marit & Epstein — Divorce Rumours

Swedish tabloid Expressen (Tier 1 source) published divorce rumours surrounding Crown Princess Mette-Marit and Crown Prince Haakon this week, in the context of the ongoing Epstein-Nordic coverage. The palace has not commented.

Ehnbom Breaks Silence — Again

Swedish socialite Barbro Ehnbom, one of the key figures in the Nordic Epstein connection, gave two major interviews this week:

• SVT (national TV): “Nara ett monster” (“Close to a monster”), her most extensive on-camera statement yet.
• SvD: “Alla kopte Epsteins forklaring” (“Everyone bought Epstein’s explanation”), suggesting the social circle genuinely believed his cover stories.

Both interviews appear to be legal positioning ahead of the Stortinget control hearing (May 11-12).

By the Numbers

What to Do This Week

1. Update Chrome — CVE-2026-5281 is actively exploited. Don’t wait.
2. Audit Next.js deployments — CVE-2025-55182 is being mass-exploited right now.
3. If you use TrueConf — patch or isolate until a full audit is complete.
4. Review AI tool access controls — attacker interest in LLM APIs is growing fast.

FTRCRP Security Digest — published weekly. Sources: FTRCRP evidence pipeline, Lara intelligence feeds, open-source reporting. Week 14 · 2026-04-04