Month: April 2026
Cybersecurity Threat Advisory: Adobe Acrobat Reader zero-day
Reports confirm active exploitation of a previously unknown zero‑day vulnerability in Adobe Acrobat Reader since at least December 2025. Attackers are delivering malicious PDF files via phishing and other social engineering methods to achieve remote code execution when the file...
Cybersecurity Threat Advisory: Ransomware turning off EDR with vulnerable drivers
Qilin and Warlock (also known as “Water Manaul”) ransomware groups are using bring your own vulnerable driver (BYOVD) techniques to disable endpoint security tools on Windows systems. These actors can shut down more than 300 EDR drivers across multiple security...
Cybersecurity Threat Advisory: Storm-1175 exploits zero-days to deploy Medusa ransomware
Storm-1175 is a threat actor using a rapid sequence of zero-day and N-day exploits to deploy Medusa ransomware against internet-facing assets. This high-velocity attack pattern has been highlighted by security researchers, who emphasize the heightened risk posed by exposed perimeter...
Pioneers in Tech: Frances “Poppy” Northcutt, the first woman in Mission Control
All eyes have been on Artemis 2 this week and its many firsts. These include the first woman to fly to the moon (Christina Koch) and the first female launch director of a crewed launch (Charlie Blackwell-Thompson). That’s why this...
Increased open source software reliance creates MSP opportunities
A survey of 712 IT professionals suggests that as organizations rely more on open source software, they are struggling with security updates and patches (39 percent), installations, upgrades, and configurations (30 percent), and technical support (29 percent). Nearly half (47...
Partner Spotlight: Turning compliance pressure into business growth
As regulatory pressure intensifies across Europe, IT teams are facing a growing mandate to prove stronger cyber resilience—especially under frameworks like NIS2. For Belgian IT integrator Group K, these challenges have become an opportunity. By pairing deep security expertise with...
What does a “right-size” incident response plan look like?
Often, when a cyber incident occurs, the response is ad hoc—a reactive, seat‑of‑the‑pants scramble. After all, every incident is different, so how can you plan for what you don’t know? But just as every building fire is different, there are...
Tip Tuesday: Adding recurring employee qualification tracking to your services
The managed service provider (MSP) landscape is moving toward proactive compliance and employee qualification management. As MSPs, you should add recurring employee qualification tracking to your service offerings to increase revenue and improve your clients’ overall satisfaction. The value of...
Cybersecurity Threat Advisory: Active exploitation of Fortinet SQL injection vulnerability
Fortinet has issued urgent security guidance following the active exploitation of a critical SQL injection vulnerability affecting FortiClient Enterprise Management Server (EMS). The flaw allows unauthenticated attackers to achieve remote code execution through specially crafted HTTP requests sent to the...
Cybersecurity Threat Advisory: Axios NPM compromised by supply chain attack
The widely used HTTP client Axios was compromised recently in an incident that many researchers are attributing to a North Korean–linked cyberattack. Attackers gained access to the NPM account of an Axios maintainer, “jasonsaayman,” and published two malicious versions of...
