Category: Security
Cybersecurity Threat Advisory: RMM-based phishing attacks
An ongoing phishing campaign has been observed targeting multiple vectors and leveraging legitimate Remote Monitoring and Management (RMM) tools to establish persistent remote access on compromised hosts. Read this Cybersecurity Threat Advisory to mitigate risk for you and your clients....
Cybersecurity Threat Advisory: Linux kernel vulnerabilities exploited by Dirty Frag
Dirty Frag is a newly disclosed Linux kernel local privilege escalation (LPE) exploit chain. It combines two independent kernel vulnerabilities—CVE‑2026‑43284 and CVE‑2026‑43500—to deliver reliable, first‑attempt root access across virtually all major Linux distributions. A working proof of concept (PoC) is...
Cybersecurity Threat Advisory: PAN-OS Captive Portal zero-day vulnerability
Threat actors are actively exploiting a PAN‑OS zero‑day that impacts the User‑ID Authentication (Captive) Portal. This exploit enables unauthenticated remote code execution with root privileges on PA‑Series and VM‑Series firewalls. Continue reading this Cybersecurity Threat Advisory to learn how to...
Cybersecurity Threat Advisory: MOVEit authentication bypass vulnerability
A vulnerability has been identified involving a critical authentication bypass in Progress MOVEit Automation, a widely used managed file transfer and automation platform. This flaw allows unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to MOVEit Automation environments....
The compliance trap: checking boxes isn’t the same as being secure
When businesses pass a SOC 2 audit, complete a HIPAA assessment, or earn a Cyber Essentials certification, there’s often a sense of relief—the work is done. In reality, that moment is where risk often begins. “Compliance frameworks establish a baseline,”...
Cybersecurity Threat Advisory: Blue Hammer zero-day
A researcher leaked a zero‑day vulnerability dubbed “BlueHammer” to protest Microsoft’s handling of the private disclosure process. Although the published code contains implementation bugs, attackers with local access can still use it to compromise affected systems. Read this Cybersecurity Threat...
Cybersecurity Threat Advisory: CloudZ RAT targeting Microsoft Phone Link
A new CloudZ RAT variant uses a stealthy plugin called Pheno to hijack Microsoft Phone Link on Windows 10 and 11, allowing attackers to intercept SMS messages and one-time passcodes synced from mobile devices. Active since at least January, the...
Cybersecurity Threat Advisory: Apache HTTP Server security issues
Apache has released Apache HTTP Server version 2.4.67 to address five security vulnerabilities, including a critical flaw that may allow remote code execution over HTTP/2 (CVE-2026-23918). Read this Cybersecurity Threat Advisory now to mitigate you and your clients’ risk. What...
Cybersecurity Threat Advisory: “Copy Fail” Linux vulnerability
Security researchers have disclosed CVE-2026-31431, commonly known as “Copy Fail,” a high-impact Linux local privilege escalation vulnerability affecting multiple distributions, including enterprise and cloud-optimized variants. Read this Cybersecurity Threat Advisory now to mitigate you and your clients’ risk. What is...
How MSPs close the cloud migration security gap
When a client migrates to Microsoft 365 or Google Workspace, the instinct is to declare victory once emails are flowing, files are accessible, and users are productive again. The project feels complete. Except it isn’t, because security didn’t make the...
