“Send your L1 team a one-paragraph brief on the Copilot Teams rollout today. Give them the exact words to say. It'll save you 20 unnecessary tickets this week.”
Microsoft 365 Exchange Online Outlook Outage May 5, 2026
Some users unable to access Exchange Online through Outlook on the web with error messages. Issue resolved but part of recurring M365 service degradation pattern in May 2026.
Read more →CVE-2026-32202 Windows Zero-Click NTLM Hash Leak Now Exploited
Zero-click vulnerability in Windows Shell left behind by incomplete February patch (CVE-2026-21510). CISA added to KEV catalog with May 12 federal patch deadline. Enables lateral movement and credential theft via LNK file exploitation.
Read more →BlueHammer, RedSun, UnDefend Microsoft Defender Zero-Days Actively Exploited
Three critical Defender flaws under active exploitation since April 10. BlueHammer (CVE-2026-33825) patched in April Patch Tuesday; RedSun and UnDefend remain unpatched, enabling SYSTEM privilege escalation and definition update blocking.
Read more →CVE-2026-0300 Palo Alto PAN-OS Root RCE Now Actively Exploited
Critical buffer overflow in User-ID Authentication Portal (Captive Portal) of PAN-OS PA/VM series firewalls. CVSS 9.3, limited in-the-wild exploitation confirmed May 6. Palo Alto working on patches; implement mitigations immediately on internet-facing instances.
Read more →SonicWall CVE-2026-0204 Authentication Bypass Affects Gen 6-8 Firewalls
High-severity authentication bypass in SonicWall SMA1000 and all SonicOS generations. 430,000+ exposed firewalls at risk. No in-the-wild exploitation confirmed yet but rapid reconnaissance detected. Patch immediately and reset migrated admin passwords.
Read more →SonicWall SQL Injection CVE-2026-4112 in SMA1000 Series
High-severity SQL injection flaw allows read-only admins to escalate to primary admin. Four vulnerabilities patched in SMA1000 series; three additional issues enable SSL VPN user enumeration and TOTP bypass.
Read more →NinjaOne Named Gartner Leader Quadrant for Endpoint Management Q1 2026
NinjaOne achieved first-ever Gartner Magic Quadrant Leader position in endpoint management, valued at $5B with 35,000+ customers. Native platform spanning RMM, endpoint backup, MDM, and vulnerability management differentiates from acquisition-heavy rivals.
Read more →ConnectWise Acquires Axcient and SkyKick for BCDR and Backup Expansion
ConnectWise completed acquisitions of Axcient (BCDR) and SkyKick (cloud backup) to compete with Kaseya/Datto ecosystem. Offers MSPs integrated data protection stack across RMM, backup, and disaster recovery platforms.
Read more →Datto RMM Pricing Pressure Post-Kaseya Acquisition: Contract Lock-In Rising
Three years post-acquisition ($6.2B in 2022), Datto RMM shows contract rigidity and pricing creep. MSPs report high watermark billing, forced Autotask integration preference, and migration pressure to NinjaOne/ConnectWise Automate.
Read more →Free forever. Plus the full “From the Floor” commentary with every issue.
Written from 12 years on the helpdesk floor.
// no spam · unsubscribe anytime · weekdays only
// for informational purposes only · not professional IT or security advice · summaries are AI-assisted and may contain inaccuracies · always verify with the linked source before acting