Cyber Brief: Critical Chrome patching and new MFA fatigue tactics

Today’s cyber activity highlights urgent patching requirements, attacker innovation in identity compromise and renewed UK calls to phase out legacy technology. These developments show how quickly small weaknesses can become major business risks when attackers adapt faster than organisations upgrade or harden their environments.

Critical Chrome vulnerability triggers immediate enterprise patching

A high severity vulnerability affecting the latest versions of Google Chrome has prompted urgent patching across enterprise environments. The flaw, identified in the browser’s memory management component, can allow an attacker to achieve arbitrary code execution if a user visits a malicious webpage. Security researchers reported active exploitation attempts, indicating that threat actors are racing to weaponise the flaw before organisations deploy fixes.

For many businesses, Chrome is the default browser across both corporate desktops and remote working devices. Browser vulnerabilities are particularly valuable to attackers because they bypass traditional perimeter controls and exploit everyday user behaviour. Although the vendor has issued an updated version, environments with unmanaged devices or permissive update processes may remain exposed for days or even weeks.

Why it matters
Browser vulnerabilities offer one of the most direct routes into corporate networks. Organisations should prioritise enforced browser updates, ensure application control policies prevent outdated versions from running and strengthen web filtering to reduce risk from malicious sites. Monitoring for unusual browser process activity can also provide early detection.

Source
Security researcher analysis

Attackers evolve MFA fatigue attacks with behavioural profiling

Security teams have reported a rise in advanced MFA fatigue techniques where attackers combine stolen credentials with behavioural profiling to time authentication prompts when users are most likely to approve them. Instead of overwhelming users with repeated notifications, threat actors are now sending low frequency but highly contextual prompts, mimicking normal login patterns such as early mornings or end of day sessions.

These methods exploit gaps in identity governance where MFA is treated as a final defence rather than part of a layered strategy. In several recent incidents, attackers gained initial access by triggering a single well timed authentication prompt that a user mistakenly approved. Once inside, they moved laterally and escalated access using standard internal tools, highlighting how small human errors can open the door to larger compromises.

Why it matters
MFA remains essential, but it is no longer foolproof. Organisations should expand their identity controls by enforcing phishing resistant MFA, reviewing authentication logs for unusual timing patterns and ensuring conditional access rules reduce risk by limiting high value access. User awareness training should emphasise that unsolicited prompts must be rejected.

Source
Industry threat intelligence

UK regulators highlight rising risks from unsupported and legacy systems

A new set of UK regulatory insights has warned that outdated and unsupported technology remains one of the most common causes of avoidable cyber incidents. Many organisations, particularly in the public sector and SME space, continue to rely on systems that no longer receive security updates or vendor support. These legacy systems often underpin critical services but have limited security controls, weak authentication and no capacity to integrate modern defences.

The assessment notes that attackers increasingly scan for end of life technologies because they provide predictable, well documented weaknesses. Compromise of a single legacy system can enable deeper access into modern environments, especially when legacy and current applications share identity, network or data pathways.

Why it matters
Legacy technology is not just a technical issue but a business risk. Organisations should map where unsupported systems remain, establish clear replacement timelines and isolate older technologies with strong network segmentation. Regulatory scrutiny is rising, meaning unsupported systems may affect compliance obligations as well as security posture.

Source
UK regulatory assessment

Today’s Key Actions

1. Enforce Chrome patching across corporate and remote devices.
2. Strengthen MFA posture by adopting phishing resistant methods and conditional access.
3. Map and isolate legacy systems and define replacement timelines.
4. Review authentication logs for unusual timing patterns associated with MFA fatigue.
5. Reassess browser based security controls and update web filtering.

Secarma Insight

These developments show how attackers continue to exploit everyday tools and overlooked systems. Strong cyber posture is built on disciplined patching, robust identity management and phased removal of outdated technology. Organisations that prioritise these fundamentals can better safeguard their operations and maintain confidence as threats evolve.

Get in touch with us to prioritise your next steps and strengthen your security posture.