Halo Security Honored with 2026 MSP Today Product of the Year Award

Miami Beach, FL, USA, 2nd June 2026, CyberNewswire...

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting, maybe a compliance module bolted on the side. The work has since outgrown the descriptor....

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers MSPs and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed...

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it...

Architectural Implications of the UK Cyber Security and Resilience Bill

The UK Cyber Security and Resilience CS&R Bill represents the most significant reform of UK cyber legislation since the Network and Information Systems NIS Regulations 2018. While existing analysis has addressed the Bill's regulatory requirements, there is a critical gap in guidance on the...

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall NGFW appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials...

The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drives recurring...

"Getting to Yes": An Anti-Sales Guide for MSPs

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That's why we created "Getting to Yes": ...

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

South Korea's financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware. "This operation combined the capabilities of a major Ransomware-as-a-Service RaaS group, Qilin, with potential involvement from North...

The MSP Cybersecurity Readiness Guide: Turning Security into Growth

MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow more complex and regulatory demands evolve. Meanwhile, clients are increasingly seeking comprehensive protection without taking on the burden of managing security themselves. This shift...

EUVD-2021-21868

Malware in sbrugna...

EUVD-2025-25343

Malicious code in bioql PyPI...

CVE-2025-8309

There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110,...

Patch Tuesday - August 2025

Microsoft is addressing 111 vulnerabilities this August 2025 Patch Tuesday, a volume which is around the recent average. In a neat parallel with last month, Microsoft is aware of public disclosure for a single one of the vulnerabilities published today, and claims no evidence of in-the-wild...

Report Reveals Tool Overload Driving Fatigue and Missed Threats in MSPs

London, United Kingdom, 11th August 2025, CyberNewsWire...

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's MSP SimpleHelp remote monitoring and management RMM tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a tri...

CVE-2023-22964

Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled...

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses SMBs are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain...

The Ultimate MSP Guide to Structuring and Selling vCISO Services

The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers MSPs and Managed Security Service Providers MSSPs to offer virtual Chief Information Security Officer vCISO services—delivering high-level cybersecurity leadership without the...

Introducing Akamai Managed Service for API Security

...