Operations | Monitoring | ITSM | DevOps | Cloud

CVE 2025-11561 affects Red Hat Linux and other distributions, requiring configuration of the Kross local authentication plugin for mitigation. Linux updates differ by vendor, with some delays in addressing vulnerabilities. A VMware tools vulnerability is actively exploited, prompting a recommendation to upgrade to a supported Linux version. Additionally, CVE 2025-58438 presents a traversal vulnerability in Python libraries on both Windows and Linux, resolved by upgrading to version 5.5.0.1.

Join us for a step-by-step tutorial on how to effectively configure your instance, customize your help desk, and automate processes using ServiceDesk Plus MSP Cloud. Also, learn how to leverage essential PSA features such as Timesheets, Billings, and Resource Management to streamline your MSP operations and achieve operational efficiency right from the start.

Learn how to design, implement, and manage a robust service delivery process to cater to your customers' IT service needs.

Microsoft has identified a zero-day vulnerability in the Windows kernel, rated 7.0 on the CVSS scale. Organizations often misprioritize vulnerabilities, focusing on high-severity scores instead of those actively exploited. Many lower-severity vulnerabilities are chained by attackers. A risk-based approach to vulnerability management is crucial. Current Windows OS versions are affected, and organizations should consider Extended Security Updates to mitigate risks as more zero days are anticipated.

Cisco has identified a new attack variant targeting firewalls, highlighting the need for user education on vulnerabilities. A vulnerability discovered on November 5th affects nearly 50,000 devices, with many still at risk as of September 30th. Organizations struggle to expedite updates due to complex configurations and implementation challenges. Recent research indicates that network edge devices are prime targets for zero-day vulnerabilities, emphasizing the need for improved security measures.

In a wide-ranging conversation, Robb Wilson—CEO and co-founder of OneReach.ai and author of The Age of Invisible Machines—joins Tim and Tom to explore the rise of agentic AI and its seismic implications for IT, organizations, and society. Robb breaks down the concept of agent runtimes, why conversational interfaces matter more than ever, and how adaptive, self-orchestrating systems will reshape work far beyond today’s service models.

The UK introduces a cybersecurity bill that enforces stricter regulations for critical infrastructure. As threat actors become more aggressive and utilize AI for advanced attacks, the legislation mandates organizations to respond quickly to incidents. Vendors must notify authorities within 24 hours, and emergency powers are created to improve cybersecurity responses. The emphasis is now on managing exposure in vulnerability practices.