Ongoing attacks against Sangoma #FreePBX systems (since Aug 21) exploit publicly exposed Admin Control Panels. 🔹 Affected: v16 & v17 w/ Endpoint Manager installed.🔹 Fix: EDGE module update (temp fix).🔹 + Restrict ACP to trusted IPs or VPN. Details:

Citrix has patched 3 #NetScaler flaws—including a zero-day (CVE-2025-7775, CVSS 9.2) exploited in the wild. ❗ Affects VPN, AAA, & mgmt interfaces.❗ No workarounds—patch now.✅ Cloud services already updated. Details: #POC #exploit #vulnerability.

🔑 11 popular extensions affected .⚠️ Some patches issued, others unpatched as of Aug 20 .🛡️ Mitigation: disable autofill + audit extensions. More details: . #TTPs.

At #DEFCON33, Marek Tóth revealed a new #exploit that weaponizes privileged #browser extensions like password managers. By manipulating the DOM, attackers can hijack hidden extension UIs—triggering autofill, exports, or settings changes without user awareness.

🚨 CISA warns of 2 critical #Nable N-central flaws actively exploited. MSPs: patch now, enable MFA & review logs. Details 👉 #CVE20258875 #CVE20258876 #Ncentral #MSP.

Trend Micro released a mitigation tool for a Critical command injection flaw (#CVE202554948/#CVE202554987) being actively exploited. Apply the #Fixtool for a quick fix, but note that the Remote Install Agent will be disabled. Patch coming mid-Aug. More:

cont'd mitigation steps for #SonicWall SSL VPN users. 👉 Review auth logs for unusual access patterns, especially successful logins from unexpected ISPs or locations.👉 Implement MFA across all remote access systems.👉 Monitor SonicWall notices & advisories for updates.

For all orgs using SonicWall SSL VPN appliances, we recommend that you:. 👉 Disable SonicWall SSL VPN services or limit access.👉 Forward SonicWall VPN logs to your appliance for analysis.👉 Block reported network IOCs posted here:

While credential-based VPN network compromises are rising, the spike in related incidents across clients of different MSPs led us to consider broad exploitation as root cause. On Aug 2, we pushed AROs to 100s of clients with public-facing SonicWall VPNs recommending fast action.

SonicWall confirmed an increase in cybersecurity incidents affecting Gen 7 firewalls with SSL VPN enabled, corroborating our previously reported observations. However, we have one confirmed case involving the Gen 8 SonicWall NSa 3800 running SonicOS 8.0.2.

Defending against #ToolShell -.👉 Apply patches.👉 Audit access logs for suspicious POST requests to ToolPane.aspx.👉 Review firewall rules to restrict access to vulnerable endpoints.👉 Monitor for signs of unauthorized deserialization activity.

Endpoint agent or agent of chaos? . Our Founder/CEO @notnotaspy and VP of R&D are teaming up for a no-fluff chat on why some endpoint agents fail and, more importantly, what makes a great one truly great. 🗓️ June 26 @ 1pm ET - register here:

Thank you to our users who shared their thoughts, feedback, and experiences using Field Effect MDR! Our ranking proves our unwavering commitment to putting partners and clients first. 🙌.

RT @ICTC_CTIC: As we enter the second day of ICTC's #CyberTitanVIII national finals, we would like to thank our sponsors, partners, and Cyb….

Or, skip straight to details in our newly published Field Effect MDR Product Scorecard:

You can read more about our win here:

Thanks to our users for ranking us the #1 MDR for the third year in a row in the 2025 SoftwareReviews Emotional Footprint Report! We're proud to know our clients and partners give us top marks in categories like trustworthiness, reliability, and innovation.

RT @MISAOntario: 🚨 #MISAOn Webinar – March 26 @ 11am EST 🚨 Learn why Essex County chose the TELUS-Field Effect MDR Solution. Speakers: Patr….

The threat actor UNC3886 has been observed targeting end-of-life Juniper Networks routers to install several variations of its TinyShell backdoor. In addition, UNC3886 was also observed deploying rootkits. More here:

Newly discovered zero-day vulnerabilities in several VMware products are being actively exploited:. CVE-2025-22224 - A heap overflow vulnerability .CVE-2025-22225 - A write vulnerability .CVE-2025-22226 - An information-disclosure flaw. Details here: