Category: Security
AI is making phishing smarter and MSPs need to keep up
The numbers are jarring: according to Barracuda Networks data, 91 percent of all cyberattacks begin with a phishing email, costing businesses billions of dollars annually. The goal of these attacks hasn’t changed since the mid‑1990s — trick someone into wiring...
How Managed XDR helps MSPs stay ahead of heightened cyber activity
Just before the start of the conflict in the Middle East, Barracuda Managed XDR’s global Security Operations Center (SOC) observed a sharp surge in cyber activity—specifically, a ten‑fold increase in malicious traffic coming from Iran and targeting the United States....
Cybersecurity Threat Advisory: Google security page spoofed in PWA attack
A phishing campaign is using a spoofed Google Account security page to distribute a malicious Progressive Web App (PWA). The app is designed to steal one‑time passcodes, collect cryptocurrency wallet addresses, and turn victims’ browsers into proxies for attacker traffic....
Cybersecurity Threat Advisory: APT28 targets Windows and Office via MSHTML zero‑day
Multiple security researchers and Microsoft have confirmed that the threat actor APT28 (Fancy Bear / Forest Blizzard) actively exploited a zero‑day vulnerability in the Microsoft MSHTML framework (CVE‑2026‑21513) prior to its fix in the February 2026 Patch Tuesday release. Read...
MSPs must adapt to stay ahead of AI-driven phishing
Phishing has long been cybercriminals’ weapon of choice — and the numbers remain sobering. In 2024, the FBI recorded 193,407 phishing complaints in the U.S. alone, while Business Email Compromise schemes caused $2.77 billion in losses. And when a breach...
Cybersecurity Threat Advisory: PromptSpy Android malware abusing Google Gemini AI
Reported by SecurityWeek on February 20, 2026, PromptSpy is a newly identified Android malware family developed by threat actors. Its standout capability is using Google Gemini at runtime to analyze on‑screen content and help the malware remain installed and active...
That’s not our admin: The blind spots that open doors to attackers
Lessons from around 600,000 security alerts analyzed by Barracuda Managed XDR Takeaways In 2025, 90% of ransomware incidents exploited firewalls, and the fastest observed ransomware case took three hours from breach to encryption. The most widely detected CVE vulnerability dates...
Cybersecurity Threat Advisory: Zero-day Cisco Catalyst SD-WAN flaw
A critical authentication‑bypass flaw in Cisco Catalyst SD‑WAN, tracked as CVE‑2026‑20127, is being actively exploited as a zero‑day. The vulnerability allows remote attackers to compromise controllers and introduce malicious rogue peers into targeted networks. Review the Cybersecurity Threat Advisory now...
Cybersecurity Threat Advisory: VMware Aria Operations vulnerabilities
On February 24, 2026, Broadcom released a critical security advisory addressing three distinct vulnerabilities in VMware Aria Operations. These flaws—ranging from Command Injection to Privilege Escalation—can compromise the confidentiality, integrity, and administrative control of affected systems. Immediate patching is required...
Cybersecurity Threat Advisory: Critical SolarWinds Serv-U flaw
CVE‑2025‑40538 is a critical broken access control vulnerability in SolarWinds Serv‑U, a self‑hosted managed file transfer (MFT) and FTP/SFTP/FTPS/HTTP(S) server used for secure file exchange. Review the Cybersecurity Threat Advisory now to protect your systems from this critical vulnerability. What...
