The CRN MSP 500 ecosystem, including the Elite 150, Pioneer 250, and Security 100, provides a clear picture of how managed service providers see their businesses evolving. When you read the responses from MSP leaders across the profiles and interviews, four themes emerge consistently: Together these themes describe a fundamental shift in the managed services industry, from IT support toward security-driven digital operations delivered at scale.

AI is everywhere in vulnerability management right now. Technology vendors in all areas are adding new features and making bold claims about revolutionary capabilities. But here's the reality, especially for vulnerability and exposure management: more AI doesn't automatically mean less risk. The gap between AI's promise and its practical impact in enterprise vulnerability management is wider than most organizations realize.

Executive tabletop exercises are commonly positioned as cyber incident rehearsals. They tend to focus on breach containment decisions, regulatory notification timelines, and communications planning. Those elements are necessary; however, they are not what ultimately defines the true risk to the enterprise and what keeps the C-suite up at night. For senior leadership and board members, a cyber event is first and foremost a business disruption.

CVE-2026-32746 is a critical out-of-bounds write in GNU Inetutils telnetd caused by insufficient bounds checking in the LINEMODE SLC (Set Local Characters) suboption handler. Public advisories attribute the issue to the add_slc logic not verifying whether the destination buffer is already full before writing additional data. The published CVSS v3.1 score is 9.8, with network attack vector, no required privileges, and no user interaction.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Feathers ruffled with quite a shocking flaw that thankfully has been patched.

From hunting threats to solving complex problems to coding on a couch, adventures in the Black Hat NOC (Network Operations Center) are always interesting. Over the last few months and several shows, I’ve had the privilege of working with one of the other NOC partners, Cisco, to design and test our first integration between Corelight Investigator and Cisco XDR.

For years, debates about Android security have essentially focused on the wrong questions. Is the operating system secure enough? Are mobile exploits becoming more sophisticated? Are app stores doing enough to screen malicious software? These questions assume modern mobile risk begins with technology vulnerabilities. But increasingly, it does not.

The biggest challenge for developers building AI applications is no longer the translation of user intent into action, but rather limiting its scope to stay within stated business goals and prevent abuse. This challenge has moved from theoretical to mission-critical as AI agents transition from experimental projects to mainstream business tools, where a single compromised agent can expose customer data, execute unauthorized transactions, or violate compliance requirements across thousands of interactions.

Sensitive data discovery tools vary widely in hybrid coverage, identity context, and time-to-value. Most platforms handle cloud or on-premises infrastructure well, but rarely both. The strongest options connect discovery to identity and permissions, turning a file inventory into actionable risk intelligence. For Microsoft-heavy hybrid teams, that integration determines whether discovery produces reports or drives remediation.