Category: Security
Cybersecurity Threat Advisory: Critical WatchGuard firewall flaw
A critical remote-code execution (RCE) vulnerability in WatchGuard Firebox, tracked as CVE-2025-9242 with a CVSS score of 9.3, allows unauthenticated attackers to execute arbitrary code. Review the information in this Cybersecurity Threat Advisory to learn more. What is the threat?...
Cybersecurity Threat Advisory: Worm outbreak infects npm ecosystem
Threat actors launched a sophisticated software supply chain attack that targets the npm registry and compromises over 40 packages maintained by multiple developers. The self-replicating worm, dubbed “Shai-Hulud”, automates the infection of downstream dependencies. Review the details in this Cybersecurity...
Cybersecurity Threat Advisory: Critical flaw in DELMIA Apriso MOM software
CISA has added CVE-2025-5086, a critical remote code execution (RCE) vulnerability in Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software, to its catalog following confirmed active exploitation. Review the details of this Cybersecurity Threat Advisory to keep your system...
Cybersecurity Threat Advisory: Critical Adobe Commerce flaw
A critical security vulnerability, tracked as CVE-2025-54236 (with a CVSS score of 9.1) is also known as “SessionReaper”. This vulnerability has been uncovered in Adobe Commerce and Magento Open Source. The flaw could allow cybercriminals to takeover customer accounts, putting...
The simplicity advantage: Why consolidating cybersecurity pays off
The cybersecurity landscape has reached a tipping point. While organizations continue to add new security tools to address emerging threats, they’re discovering that more tools often means more problems. This guide examines the costs of managing multiple security tools. It...
MSP security in the age of supply chain attacks
The numbers paint a stark picture of an escalating threat landscape. Supply chain attacks have been occurring at twice their long-term average in recent months, with Cyble researchers observing over 30 such attacks in April 2025 alone. Supply chain attacks...
WolfGPT: The “upgraded” dark AI for malware
As the landscape of cybercrime continues to evolve, WolfGPT is one tool that has emerged as a formidable player in the realm of malicious AI. A Telegram channel post by the group “KEP TEAM” marketed WolfGPT as an “upgraded version...
The hidden cost of a fragmented security stack
For manages service provider (MSP) customers, the promise of comprehensive cybersecurity protection often comes with an unexpected burden: managing their ever-expanding collection of security tools that don’t talk to each other. What starts as a strategic approach to layered defense...
Late-summer CISA alert roundup
At least once or twice a year I like to sift through the Cybersecurity and Infrastructure Security Agency (CISA) alerts and share some of the latest with SmarterMSP.com. The end of summer is one of the best times to do...
Threat Spotlight: Tycoon phishing kit reveals new techniques to hide malicious links
Phishing emails often feature malicious links (URLs) that lead victims to fake websites where they are infected with harmful software or tricked into giving away personal information such as their account credentials. Uncover how these attacks work in the latest...
