Category: Featured
Cybersecurity Threat Advisory: Adobe Acrobat Reader zero-day
Reports confirm active exploitation of a previously unknown zero‑day vulnerability in Adobe Acrobat Reader since at least December 2025. Attackers are delivering malicious PDF files via phishing and other social engineering methods to achieve remote code execution when the file...
Cybersecurity Threat Advisory: Ransomware turning off EDR with vulnerable drivers
Qilin and Warlock (also known as “Water Manaul”) ransomware groups are using bring your own vulnerable driver (BYOVD) techniques to disable endpoint security tools on Windows systems. These actors can shut down more than 300 EDR drivers across multiple security...
Cybersecurity Threat Advisory: Storm-1175 exploits zero-days to deploy Medusa ransomware
Storm-1175 is a threat actor using a rapid sequence of zero-day and N-day exploits to deploy Medusa ransomware against internet-facing assets. This high-velocity attack pattern has been highlighted by security researchers, who emphasize the heightened risk posed by exposed perimeter...
Pioneers in Tech: Frances “Poppy” Northcutt, the first woman in Mission Control
All eyes have been on Artemis 2 this week and its many firsts. These include the first woman to fly to the moon (Christina Koch) and the first female launch director of a crewed launch (Charlie Blackwell-Thompson). That’s why this...
Cybersecurity Threat Advisory: Active exploitation of Fortinet SQL injection vulnerability
Fortinet has issued urgent security guidance following the active exploitation of a critical SQL injection vulnerability affecting FortiClient Enterprise Management Server (EMS). The flaw allows unauthenticated attackers to achieve remote code execution through specially crafted HTTP requests sent to the...
Cybersecurity Threat Advisory: Axios NPM compromised by supply chain attack
The widely used HTTP client Axios was compromised recently in an incident that many researchers are attributing to a North Korean–linked cyberattack. Attackers gained access to the NPM account of an Axios maintainer, “jasonsaayman,” and published two malicious versions of...
Cybersecurity Threat Advisory: RoadK1ll Node.js WebSocket implant
Recent reporting has identified a Node.js–based post-exploitation implant known as RoadK1ll, observed in real-world intrusions as a lateral movement and network pivoting tool. Read this Cybersecurity Threat Advisory to protect you and your clients’ environments. What is the threat? RoadK1ll...
Tech Time Warp: The Conficker case study
Conficker was a nasty piece of malware that first emerged on the scene in November 2008. By April 1, 2009, many security experts and computer users were bracing themselves for the worst: a predicted “menacing” new phase as machines infected...
What soaring cloud demand and supply constraints mean for MSPs
A report from market research firm Omdia finds that global spending on cloud infrastructure continues to accelerate, with spending in the fourth quarter of 2025 reaching $110.9 billion—a 29 percent increase year over year. Cloud providers see strong growth momentum...
If you’re an MSP owner who wants more consistent leads, start here
As someone who’s spent the last 8+ years helping hundreds of MSPs generate leads and book real sales conversations, I hear the same frustration over and over again: “We’re doing some marketing… but leads are inconsistent.” Some months are busy....
