Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today’s cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity. […]
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery Read More »
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. […]
CISA flags Apache ActiveMQ flaw as actively exploited in attacks Read More »
Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates. […]
Microsoft: Some Windows servers enter reboot loops after April patches Read More »
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below – CVE-2026-20184 (CVSS score: 9.8) – An improper certificate validation in the integration of single sign-on
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution Read More »
A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks Read More »
23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts. […]
Man gets 30 months for selling thousands of hacked DraftKings accounts Read More »
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. […]
Recently leaked Windows zero-days now exploited in attacks Read More »
The latest wave of “Operation PowerOFF,” on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries. […]
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains Read More »
A researcher known as “Chaotic Eclipse” has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed “RedSun,” in the past two weeks, protesting how the company works with cybersecurity researchers. […]
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges Read More »
A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations. […]
ZionSiphon malware designed to sabotage water treatment systems Read More »