Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed...
Gain access to malware experts to quickly contain threats and reduce future exposure to attacks...
Integrity360 has been recognised as a Gartner Representative Vendor.
Many organisations are choosing CyberFire MDR to strengthen their defences. Discover how it can protect your business in our brochure.
Cyber attacks often seem faceless, but hidden behind the headlines of financial loss and technical details there are very real human stories.
In 2025, we’re witnessing a shift in how ransomware operates, who it targets, and the consequences of falling victim.
Stay ahead of the latest cybersecurity industry developments, advancements and threats, and understand how you can best protect your organisation.
Do you know what your company’s network vulnerabilities are? Businesses that invest in penetration testing do.
If your business handles credit card data, PCI DSS compliance isn’t optional—it’s critical. From retailers and e-commerce platforms to service providers and financial institutions, securing credit card data is critical to customer trust and preventing fraud.
Stay informed with the latest cybersecurity news with our weekly threat roundups.
Confused about cybersecurity? Our A-Z Glossary of terms can help you navigate this complicated industry.
For many small and mid-sized businesses, cybersecurity can feel overwhelming.
SOC 2 certification reflects Integrity360’s continued investment in strengthening cyber resilience for clients across highly regulated and high-risk industries.
Leading Canadian cybersecurity services provider Advantus360 joins Integrity360 creating the group’s first hub in North America
Under Attack?
CVE‑2026‑2329 is a critical stack‑based buffer overflow vulnerability affecting the Grandstream GXP1600 series of VoIP desk phones. The flaw sits in the device’s web‑based API endpoint and can be exploited remotely without any authentication. If successfully exploited, an attacker can gain full remote code execution with root privileges on the phone.
-1.png)
CVE-2026-2649 is a high severity integer overflow vulnerability in the V8 JavaScript engine used by Google Chrome. The issue affects Chrome versions earlier than 145.0.7632.109. If a user opens a specially crafted HTML page, the flaw can lead to heap corruption inside the browser.
Because V8 handles JavaScript execution, weaknesses in this component can have wide impact across normal browsing and sandboxed processes.
.jpg)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SolarWinds Web Help Desk (WHD) vulnerability—CVE‑2025‑40551—to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw carries a CVSS score of 9.8 and enables unauthenticated remote code execution (RCE) via deserialization of untrusted data. This vulnerability poses a severe risk to enterprises, government agencies, and critical infrastructure relying on SolarWinds WHD.
The popular open source txt editor Notepad++ has been targeted in a sophisticated supply chain attack by a suspected state sponsored threat actor.
Ivanti has disclosed and patched two critical security vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) that have been actively exploited in zero-day attacks. The flaws, tracked as CVE-2026-1281 and CVE-2026-1340, allow unauthenticated remote code execution and carry CVSS scores of 9.8, placing them among the most severe vulnerability classes. One of the vulnerabilities has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog, significantly increasing the urgency for remediation, particularly across U.S. federal environments.
.png)
Microsoft has issued an out of band emergency patch addressing an actively exploited Microsoft Office zero day vulnerability, tracked as CVE202621509. The flaw is a security feature bypass that allows attackers to circumvent core COM/OLE-based mitigations in Microsoft 365 and Microsoft Office.
Over the past few weeks and mentioned in our earlier advisory-
.png)
A critical remote authentication bypass vulnerability (CVE-2026-24061, CVSS 9.8) has been discovered in the GNU InetUtils telnetd service, affecting all versions from 1.9.3 through 2.7. The flaw allows unauthenticated attackers to instantly obtain root access on affected systems by leveraging improper handling of the USER environment variable. The issue remained undetected for nearly 11 years and is now being actively probed by malicious actors.
CrashFix is an active and highly deceptive browser-based malware campaign that abuses a malicious Google Chrome extension to deliberately crash users’ browsers and socially engineer them into executing attacker-supplied commands. The campaign ultimately delivers a previously undocumented Windows remote access trojan known as ModeloRAT. The activity has been attributed to a traffic distribution and access-brokering operation tracked as KongTuke, also known by aliases such as TAG-124 and 404 TDS. Publicly documented in January 2026 by Huntress, this campaign represents an evolution of ClickFix-style attacks, weaponizing user frustration and trust in legitimate platforms to gain execution on corporate systems.
VoidLink is a newly disclosed, highly advanced, cloud-native Linux malware framework designed for stealthy, long-term access to modern cloud and containerized environments. First identified in December 2025 and publicly documented in January 2026 by Check Point Research, VoidLink represents a significant evolution in Linux-focused post-exploitation tooling. Its modular design, deep cloud awareness, and adaptive stealth mechanisms suggest use in cyber espionage and potentially supply chain compromise, with attribution pointing toward China-affiliated threat actors.
