SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) 2026-06-16 at 16:33 By Zeljka Zorz A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, […]
Unpatched ScreenConnect servers open to attack (CVE-2026-3564) 2026-03-20 at 11:44 By Zeljka Zorz ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform is popular with managed service providers, IT departments, and technology solution
Unpatched ScreenConnect servers open to attack (CVE-2026-3564) Read More »
SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP! 2026-01-29 at 11:34 By Zeljka Zorz SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers to upgrade to v2026.1 as soon as possible. The vulnerabilities The WHD vulnerabilities fixed
SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP! Read More »
Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management 2025-12-19 at 08:24 By Help Net Security NAKIVO Backup & Replication v11.1 brings a host of benefits to MSPs and their clients. It eliminates the need for client-side port configuration, enhances security with encrypted multi-platform support, and introduces automated failover capabilities. These features
Proofpoint Completes $1.8 Billion Acquisition of Hornetsecurity 2025-12-09 at 14:24 By Eduard Kovacs Enterprise cybersecurity giant Proofpoint has completed the acquisition of Germany-based Microsoft 365 security solutions provider Hornetsecurity. Financial details were not officially disclosed when news of the transaction came to light, but it was reported that Proofpoint would be paying $1 billion for
Proofpoint Completes $1.8 Billion Acquisition of Hornetsecurity Read More »
UK’s new Cyber Security and Resilience Bill targets weak links in critical services 2025-11-12 at 18:17 By Zeljka Zorz The UK government has introduced the Cyber Security and Resilience Bill, a major piece of legislation designed to boost the country’s protection against cyber threats. The new law aims to strengthen the digital defenses of essential
UK’s new Cyber Security and Resilience Bill targets weak links in critical services Read More »
Inside the messy reality of Microsoft 365 management 2025-10-20 at 07:00 By Anamarija Pogorelec Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to slow their progress in managing it. About 60% of MSPs said Microsoft 365 powers
Inside the messy reality of Microsoft 365 management Read More »
Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371) 2025-10-10 at 13:40 By Zeljka Zorz CVE-2025-11371, a unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by attackers in the wild. While Gladinet is aware of the vulnerability and of its active exploitation, a
ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have
ScreenConnect admins targeted with spoofed login alerts Read More »
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) 2025-08-14 at 13:33 By Zeljka Zorz Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 at 15:32 By Zeljka Zorz Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution used by businesses,
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) Read More »
Attackers breached ConnectWise, compromised customer ScreenConnect instances 2025-06-02 at 20:19 By Zeljka Zorz A suspected “sophisticated nation state actor” has compromised ScreenConnect cloud instances of a “very small number” of ConnectWise customers, the company has revealed on Wednesday. “We have not observed any additional suspicious activity in ScreenConnect cloud instances since the patch was released
Attackers breached ConnectWise, compromised customer ScreenConnect instances Read More »
Attackers hit MSP, use its RMM software to deliver ransomware to clients 2025-05-28 at 14:36 By Zeljka Zorz A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium
Attackers hit MSP, use its RMM software to deliver ransomware to clients Read More »
Outsourcing cybersecurity: How SMBs can make smart moves 2025-05-23 at 08:32 By Anamarija Pogorelec Outsourcing cybersecurity can be a practical and affordable option. It allows small businesses to get the protection they need without straining their budgets, freeing up time and resources to focus on core operations. 76% of SMBs lack the in-house skills to
Outsourcing cybersecurity: How SMBs can make smart moves Read More »
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) 2025-04-09 at 13:43 By Zeljka Zorz A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. According to the vulnerability’s entry in NIST’s National Vulnerability Database, the flaw has been leveraged
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) Read More »
NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) 2025-03-21 at 13:33 By Zeljka Zorz A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) has
NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) Read More »
How to choose secure, verifiable technologies? 2024-12-06 at 12:16 By Zeljka Zorz The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services
How to choose secure, verifiable technologies? Read More »
Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) 2024-12-03 at 19:48 By Zeljka Zorz Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerabilities Veeam Service Provider Console is a cloud-enabled platform that
Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Read More »
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) 2024-10-24 at 12:18 By Zeljka Zorz Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager’s fgfmd daemon. Remote, unauthenticated attackers could
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) Read More »
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) 2024-09-25 at 17:17 By Zeljka Zorz Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public. “When
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) Read More »