Cybersecurity insights for small businesses and MSPs.
David Matousek recently published a threat model for OpenClaw that stopped me mid-scroll. Not because it was wrong — but because he was right, and we're already building the answer. His three question...
Read More →You enabled multi-factor authentication. You trained your employees on phishing. You checked the boxes. And now a threat actor is sitting inside your Microsoft 365 tenant — authenticated, legitimate-l...
Read More →On March 11, 2026, a global medical technology company sent thousands of employees home — not because of a weather emergency or a power outage, but because Iran-linked hackers had wiped their devices...
Read More →Imagine waking up to a $82,314 cloud bill — for a service you barely use. That's exactly what happened to a developer who shared their story on Reddit. They had accidentally pushed an API key to a pub...
Read More →It happened two weeks after phishing awareness training wrapped up. A well-meaning employee received a suspicious email, wanted to do the right thing, and forwarded it company-wide with a simple quest...
Read More →Two weeks after completing phishing awareness training, an employee at a small business received a suspicious email. Instead of reporting it through the proper channel, they forwarded it company-wide...
Read More →TL;DR: AI assistants can now buy and run security scans on their own through Oscar Six Radar. If you use AI tools to manage IT, they can talk directly to our scanner — no human in the loop required. D...
Read More →Your Client's Employee Just Shipped an App. Nobody Reviewed the Code. It starts innocently enough. A motivated employee — maybe the owner's son, maybe someone in ops who's "good with computers" — disc...
Read More →The Amazon Kiro incident that caused a 13-hour AWS outage wasn't just a one-off mistake—it's part of a disturbing pattern of AI agents breaking free from their intended constraints and wreaking havoc...
Read More →We Built a Scanner. Now We Need Real-World Feedback. Radar is our vulnerability scanning tool, and it's in beta. We're looking for MSPs and small business owners to put it through its paces — free of...
Read More →You've spent years building relationships with your clients, understanding their IT environments inside and out. Then comes the dreaded call: "We're being acquired, and the new owners want a complete...
Read More →Picture this: A new employee walks into your office on day three and demands "full server access" because they "need to understand how everything works." Sound familiar? If you're an MSP or small busi...
Read More →The ChatGPT Data Leak Reality Check That MSP's question about whether clients are actually leaking customer data into ChatGPT? The answer just got a lot clearer – and more concerning. Recent research...
Read More →SSL Certificate Management: Why 45-Day Certificates Demand Automation Now If you're still manually renewing SSL certificates, you're about to face a major problem. Let's Encrypt is moving to 45-day ce...
Read More →The Breach That Came From Inside the Tenant A recent story making rounds in IT circles should make every small business owner pause: an organization discovered that attackers had infiltrated their Mic...
Read More →The Moment Everything Changes It usually happens quietly. Your small business lands a bigger client. You sign a contract with a healthcare provider, a government agency, or a larger enterprise. Sudden...
Read More →The Growing Problem with Self-Hosted RMM Tools If you manage IT infrastructure for multiple clients, you've likely heard the horror stories—or worse, lived them. Self-hosted Remote Monitoring and Mana...
Read More →The Federal Safety Net Is Shrinking If you've been following cybersecurity news, you've likely heard rumblings about significant changes at NIST (National Institute of Standards and Technology) and th...
Read More →The Pricing Confusion Is Real If you've ever requested quotes for penetration testing, you've probably experienced sticker shock—and confusion. One vendor quotes $3,000, another quotes $25,000, and a...
Read More →The MSP Security Paradox There's an uncomfortable truth in the managed services world: the companies responsible for securing dozens of client networks often neglect their own infrastructure. It's the...
Read More →What Just Happened with the Cisco Zero-Day? On January 21st, Cisco confirmed that CVE-2026-20045—a critical vulnerability in their HTTP web services—is being actively exploited in the wild. CISA immed...
Read More →We're here to change the game. For too long, cybersecurity has been a luxury good. If you weren't a Fortune 500 company with a million-dollar budget, you were left behind—or worse, sold "lite" version...
Read More →