Category: Security
Deepfakes in 2026: How MSPs can stay ahead of AI‑driven fraud
Deepfake fraud losses in North America alone exceeded $200 million in the first quarter of 2025, according to Keepnet Labs. Meanwhile, the Deloitte Center for Financial Services projects that generative AI‑enabled fraud in the U.S. will grow from $12.3 billion...
Cybersecurity Threat Advisory: CPUID vulnerability
CPUID has confirmed a software supply chain attack that briefly compromised the official download infrastructure for its popular hardware monitoring tools, CPU‑Z and HWMonitor. During a limited exposure window, attackers manipulated download links on the CPUID website, causing users to...
How MSPs can convey threats without the panic
Managed service providers encounter a steady stream of cyber threats, and communicating those risks to clients is both an art and a diplomatic exercise. “The fact is, if I told my clients about every single threat I saw every day,...
Cybersecurity Threat Advisory: Adobe Acrobat Reader zero-day
Reports confirm active exploitation of a previously unknown zero‑day vulnerability in Adobe Acrobat Reader since at least December 2025. Attackers are delivering malicious PDF files via phishing and other social engineering methods to achieve remote code execution when the file...
Cybersecurity Threat Advisory: Ransomware turning off EDR with vulnerable drivers
Qilin and Warlock (also known as “Water Manaul”) ransomware groups are using bring your own vulnerable driver (BYOVD) techniques to disable endpoint security tools on Windows systems. These actors can shut down more than 300 EDR drivers across multiple security...
Cybersecurity Threat Advisory: Storm-1175 exploits zero-days to deploy Medusa ransomware
Storm-1175 is a threat actor using a rapid sequence of zero-day and N-day exploits to deploy Medusa ransomware against internet-facing assets. This high-velocity attack pattern has been highlighted by security researchers, who emphasize the heightened risk posed by exposed perimeter...
Increased open source software reliance creates MSP opportunities
A survey of 712 IT professionals suggests that as organizations rely more on open source software, they are struggling with security updates and patches (39 percent), installations, upgrades, and configurations (30 percent), and technical support (29 percent). Nearly half (47...
What does a “right-size” incident response plan look like?
Often, when a cyber incident occurs, the response is ad hoc—a reactive, seat‑of‑the‑pants scramble. After all, every incident is different, so how can you plan for what you don’t know? But just as every building fire is different, there are...
Cybersecurity Threat Advisory: Active exploitation of Fortinet SQL injection vulnerability
Fortinet has issued urgent security guidance following the active exploitation of a critical SQL injection vulnerability affecting FortiClient Enterprise Management Server (EMS). The flaw allows unauthenticated attackers to achieve remote code execution through specially crafted HTTP requests sent to the...
Cybersecurity Threat Advisory: Axios NPM compromised by supply chain attack
The widely used HTTP client Axios was compromised recently in an incident that many researchers are attributing to a North Korean–linked cyberattack. Attackers gained access to the NPM account of an Axios maintainer, “jasonsaayman,” and published two malicious versions of...
