Category: Security
Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability
CrushFTP has disclosed a new critical vulnerability, CVE-2025-54309, which is currently being exploited in the wild. One indicator of compromise is a “last_logins” value set for internal default accounts. Review the details in this Cybersecurity Threat Advisory to help minimize...
Cybersecurity Threat Advisory: Microsoft SharePoint zero-day vulnerability
Attackers are actively exploiting CVE-2025-53770, a critical zero-day vulnerability in Microsoft SharePoint, to execute remote code without authentication. This flaw allows attackers to deploy persistent malware and potentially exfiltrate sensitive data from unpatched on-premises environments. Review the full details in...
Vacation season is open season for cybercriminals: Here’s why
For school children, summer means lazy days of swimming pools, splash pads, melting ice cream cones, and camp. For cybersecurity professionals, it means being on guard 24/7, because cybercriminals don’t take a summer break. The summertime impact Cyberattacks now occur...
Barracuda launches Entra ID Backup Premium to strengthen Microsoft Identity data recovery
Barracuda has introduced Entra ID Backup Premium, a SaaS-based solution designed to help organizations recover Microsoft Entra ID data beyond the platform’s default 30-day retention window. The launch adds a critical layer to identity protection, enabling fast restoration of users,...
Cybersecurity Threat Advisory: FileFix attack weaponizes Windows File Explorer
Security researchers have uncovered a new attack method known as “FileFix,” which exploits Windows File Explorer to execute stealthy PowerShell commands. By abusing legitimate Windows functionality, attackers can run malicious code while evading traditional security controls. Read this Cybersecurity Threat...
Cybersecurity Threat Advisory: Microsoft SQL server zero-day vulnerability
A critical information disclosure vulnerability has been identified in Microsoft SQL Server, designated as CVE-2025-49719 with a CVSS score of 7.5. This vulnerability allows unauthorized attackers to access sensitive data over a network, posing a serious risk to organizations that...
Cybersecurity Threat Advisory: FortiWeb critical SQL injection vulnerability
A high-severity SQL injection vulnerability, CVE-2025-25257, in Fortinet FortiWeb enables pre-authenticated remote code execution (RCE). It has a a CVSS score of 9.8. Review the details in this Cybersecurity Threat Advisory to keep your environment safe. What is the threat?...
The cybersecurity gap is real—And MSPs are the solution
Despite frequent headlines about successful cyberattacks, many small businesses remain unprepared. Small business cybersecurity is still falling short in the face of growing threats. A survey of 1,000 small businesses with annual revenues of less than $100 million finds that...
Cybersecurity Threat Advisory: Fortinet FortiOS buffer overflow vulnerability
Fortinet disclosed a FortiOS operating system vulnerability, CVE-2025-24477, which has a CVSS score of 4.0. This vulnerability enables an authorized attacker to execute arbitrary code or commands to escalate privileges. Review the details of this Cybersecurity Threat Advisory to protect...
Cloud success: The critical role MSPs play
After more than a decade of using cloud computing services, many organizations are still struggling to justify a return on investment (ROI). A survey of 350 senior IT leaders in the U.S finds that more than three-quarters (78 percent) admit finding it...
