Key Channel Headlines: Syncro Launches XMM, Malwarebytes Enhances ThreatDown Partner Program, and More

MSP Technology News Headlines

Syncro’s new XMM platform launch leads the headlines for this week, but there’s also a lot of interesting technology news from all over the industry. From cybersecurity to career growth to partner program enhancements, you’ll want to stay in the know. Ready for a quick rundown of this week’s MSP news and partner program updates? Scroll on down!

Syncro Launches XMM Unified IT and Security Management Platform with Microsoft Integration

Syncro XMM, a unified IT and security platform in collaboration with Microsoft, simplifies, enhances, and helps MSPs scale efficiently.

Key quote from the press release:

“As more businesses migrate to Microsoft 365, MSPs struggle with increasing pressure to manage both security and IT operations across multiple clients, often relying on fragmented tools that create inefficiencies. XMM simplifies the entire process by providing a unified platform that enhances security and operational effectiveness. Our integration with Microsoft helps MSPs maximize the power of Microsoft 365 while maintaining an even stronger security posture.” — Michael George, CEO, Syncro

➡️ Expanded ChannelPro Coverage on Syncro’s Announcement

Malwarebytes Ignites Partner Success with Targeted Channel Initiatives

Strategic developments enhance the ThreatDown Partner Program and further its channel-first focus.

Key quote from the press release:

“Malwarebytes remains deeply dedicated to our channel-first vision, ensuring that our partners and MSPs have the tools, training, and resources they need to succeed. Our latest initiatives strengthen our partner ecosystem, create new opportunities, and ensure our partners can protect their clients with confidence.” — Marcin Kleczynski, founder and CEO, Malwarebytes

Huntress Debuts Industry-disrupting Managed SIEM to Democratize Cybersecurity for Businesses of All Sizes

Compliance support, investigation, detection, response, and threat hunting without the hefty price tag, resource drains, or headaches of traditional SIEMs.

Key quote from the press release:

“Security incidents can happen in minutes, and protection shouldn’t be reserved only for companies with big budgets and teams. SIEM providers talk a big game with promises of a single pane of glass, actionable visibility, and improved compliance and security posture, but the reality is complexity, noise, and soaring storage costs. We dropped the big data-lake mentality and built our SIEM to store only the data required for threat hunting and compliance. … We are ready to unshackle security teams from lengthy integrations, customizing rules, and sifting through massive amounts of data looking for a needle in a haystack.” — Chris Bisnett, chief technology officer and co-founder, Huntress.

➡️ Huntress also released its Managed Identity Threat Detection and Response (ITDR) solution.

BARRACUDA REPORT: 23% of HTML Email Attachments Are Malicious in 2025

The 2025 Email Threats Report highlights how attackers evade detection by security tools. Advanced AI-based threat detection is critical for detecting such hidden threats.

Key stats from the report:

• 23% of HTML attachments are malicious, making them the most weaponized text file type. More than three-quarters of the malicious files detected overall were HTML files. When used legitimately, HTML attachments in emails enable organizations to share content, such as newsletters or invitations, that display properly when opened in an email client or web browser.
• 68% of malicious PDF attachments and 83% of malicious Microsoft documents contain QR codes designed to take users to phishing websites.
• Bitcoin sextortion scams account for 12% of malicious PDF attachments.
• 47% of email domains do not have domain-based message authentication, reporting, and conformance (DMARC) configured to protect against unauthorized use, including spoofing and impersonation attacks.
• 24% of email messages overall are now malicious or unwanted spam.

Hewlett Packard Enterprise Redefines Cloud-based Security with Expansive Solutions for Zero Trust Networking and Private Cloud Operations

HPE expands ZTNA solutions and secures sovereign cloud infrastructure against threats.

Key quote from the press release:

“With the rise in adoption of data-fueled AI applications, organizations are facing more sophisticated threats to anywhere data is stored, captured or transmitted. HPE’s security solutions deliver advanced protection to help organizations mitigate risk, defend against attacks and build resiliency.” — Phil Mottram, executive vice president and general manager, HPE Aruba Networking

SOFTwarfare Launches iDXDR at RSAC 2025: Breakthrough Identity Threat Platform Unifying IAM With XDR to Stop Cyber Attacks Faster

This innovative offering goes far beyond traditional multifactor authentication by incorporating components to build trust per session, utilizing user entity behavioral analytics, and passwordless NIST-compliant MFA for continuous, adaptive security.

Key quote from the press release:

“iDXDR doesn’t just add identity to XDR; it completely redefines what XDR can achieve. By embedding continuous biometric and behavioral authentication into the detection and response loop, we give security teams the actionable intelligence needed to detect identity compromise and abuse instantly, correlate threats across the cyber kill chain, and automatically stop attacks before they escalate.” — Wyatt Cobb, CEO, SOFTwarfare

Forcepoint Unveils Data Security Cloud, Uniting Visibility and Control for Data Everywhere

Forcepoint Data Security Cloud is a complete, AI-powered data security platform uniting visibility and control of data everywhere it’s created, stored or moved.

Key quote from the press release:

“Forcepoint Data Security Cloud marks a turning point for how organizations manage data risk. Security teams are tired of asking, ‘How did we miss it?’ With Forcepoint, the answer is: ‘We didn’t.’ Forcepoint Data Security Cloud helps them understand what’s critical, adapt as risks evolve, and leverage the cutting edge in AI, automation and unified management to reduce costs and increase efficiency. It’s the only data security customers need.” — Ryan Windham, CEO, Forcepoint

Microsoft Deepens Investment in Partners Through New CSP Offers and Capabilities

Microsoft announced additional updates that will make it easier for CSP partners to drive more renewals and upgrades, retain customers, and scale their businesses.

Key updates from the blog post:

• Three-year subscription terms for Microsoft 365 E3 and E5, with or without Teams, as well as Teams Enterprise licenses in CSP on June 1, 2025. This will offer a more consistent experience across purchasing channels, including those transitioning from expiring Enterprise Agreements (EAs).
• Effective July 1, 2025, a three-year subscription for E5 mini suites, which include Microsoft 365 E5 Security and E5 Compliance, will become available.
• A new channel transfers interface in the Partner Center will help renew expiring EA offers into CSP and maintain the customers’ Teams entitlements.
• AI-powered automation that streamlines midterm upgrades by handling subscription cancellations and credits automatically, resulting in fewer duplicate SKUs.

CYBERNEWS REPORT: Password Crisis Deepens in 2025

A new study of over 19 billion newly exposed passwords manifests a widespread weak password reuse crisis. Lazy keyboard patterns reign supreme, and 94% of passwords are reused or duplicated, data leaks from 2024-2025 reveal.

Key takeaways from the report:

• Most people use eight- to 10-character passwords (42%), with eight being the most popular.
• Almost a third (27%) of the passwords analyzed consist of only lowercase letters and digits.
• Passwords composed of profane or offensive words might seem rare, but they’re actually very common in practice.
• Despite years of being called out, default and “lazy” passwords like “password,” “admin,” and “123456” are still a common pattern.

Paessler Launches Dedicated North American MSP Program led by Channel Veteran Joe Paquet

The leading provider of IT and IoT monitoring solutions unveiled its first-ever dedicated MSP program for North America. The program is designed to help MSPs grow their businesses through a scalable, predictable, and profitable model.

Key quote from the press release:

“Businesses rely on MSPs to drive maximum value in their digital transformation journey while mitigating risks, improving efficiency, and cutting costs. Our new program is designed to empower MSPs to meet these demands effectively, providing a service-led model that enables them to scale and grow alongside their clients.” — Joe Paquet, MSP sales manager North America, Paessler

OpenText Cybersecurity Releases 2025 Threat Report

This year’s report found a surge in AI-powered phishing tactics and cyberattacks, growing volume and complexity in attacks on SMBs, and insights into how some SMBs are finding success in fighting back.

Key findings from the report:

• Malware infections targeting businesses jumped 28% year over year – the highest rate since 2020.
• Eastern and Central Europe emerged as malware infection hotspots, with a rise in politically motivated attacks tied to the Russia-Ukraine conflict.
• Phishing campaigns reached new levels of sophistication, with threat actors leveraging over 170 million instances of Living Off the Land tactics.
• Google APIs, Amazon AWS and Cloudflare IPFS were among the most highly abused services.

➡️ Expanded ChannelPro Coverage on the OpenText Report

Cisco Drives Innovation to Reimagine Security for the AI Era

New Cisco innovations address the complexities for security professionals to embrace the AI era in today’s dynamic threat landscape.

Key quote from the press release:

“The cybersecurity threat landscape has never been more dynamic and complex, with adversaries constantly emboldened and enabled by AI to drive new attacks and exploits. To fight back, understaffed security operations and IT leaders need AI power of their own. Cisco is continuing its mission to secure AI and leverage AI for security with novel open-source models and tools, new AI agents, and IoT advancements, alongside the full breadth of the Cisco Security Cloud. Together, these innovations will help level the playing field and deliver AI innovation that makes all businesses more secure.” — Jeetu Patel, executive vice president and chief product officer, Cisco

RSA Announces New Innovations to Stop Help Desk Scams and Protect Passwordless Environments

The groundbreaking cybersecurity innovations announced at RSAC Conference 2025 defend organizations against the next wave of AI powered identity attacks, including IT Help Desk bypasses, malware, social engineering, and other threats.

Key quote from the press release:

“Passwordless approaches offer tantalizing business benefits like improved user experience and cost savings, but as with any new technology passwordless also introduces new risks into the environment. RSA’s platform offers the only enterprise-worthy passwordless solution that has security and resilience designed to address those risks. Off-the-rack passwordless isn’t good enough for government agencies, financial services, and other security-first leaders.” — Rohit Ghai, CEO, RSA

Introducing the Armor Intelligence Platform: Human Reasoning at Machine Speed

This transformative advancement supercharges Armor’s security operations center (SOC), accelerating detection and response to emerging threats while mirroring the precision and rigor of a human-led investigation.

Key outcomes from the press release:

• Accelerated and Accurate Threat Resolution: AI-driven threat validation combined with expert human oversight cuts mean time to decision by up to 95% without sacrificing precision
• Scalable Investigation of All Signals: Automatically identifies and enriches critical threat indicators across diverse data sources, accelerating threat analysis workflows by over 8x
• Rigorous Threat Assessment: Understands the broader context of security signals, like whether an alert is linked to a previously identified vulnerability or is part of an ongoing attack campaign, reducing false positives through contextual enrichment of security alerts
• Explainable AI-Driven Analysis: Modeled after the real-world investigative techniques of SOC analysts, ensuring decisions are transparent and auditable — a critical differentiator in an era of evolving AI ethics standards.

Sumo Logic Unifies Security to Deliver Intelligent Security Operations

New innovations across AI, automation, and integrated threat intelligence converge to help security teams detect earlier, investigate faster, and respond smarter

Key quote from the press release:

“With the rise of AI-powered attacks, dynamically scaling cloud environments, and growing data complexity, legacy solutions are significantly slowing detection and response. The innovations we’re unveiling at RSA this week fuel DevSecOps via the power of logs by centralizing security log management at scale to deliver intelligence through actionable insights that modern SecOps teams need to stay ahead of the evolving threat landscape without suffering from alert fatigue.” — Keith Kuchler, chief development officer, Sumo Logic

ZIMPERIUM REPORT: Smishing Surges, OS Lags, Apps Exposed

The 2025 Global Mobile Threat Report found 50% of mobile devices are running on outdated operating systems

Key findings from the report:

• Mobile is the preferred vector for attackers.
• Smishing has rapidly grown to comprise over two-thirds of mobile phishing attacks.
• Vishing and Smishing tactics grew by 28% and 22%, respectively.
• Over 25% of mobile devices can’t upgrade to the latest OS versions.
• Over 60% of iOS and up to 34% of Android apps lack basic code protection.
• Nearly 60% of iOS and 43% of Android apps vulnerable to PII data leakage.

BeyondTrust Launches Free Identity Security Risk Assessment to Reveal Hidden Paths to Privilege

New assessment quickly reveals hidden Paths to Privilege™, employing AI-based detection, and provides an initial set of prioritized findings to help guide security decisions.

Key quote from the press release:

“At BeyondTrust, our mission is to fight every day to secure identities, intelligently remediate threats, and deliver dynamic access to empower and protect organizations around the world. We understand many organizations are struggling to grasp their identity risk exposure, and to that end, our new, Identity Security Risk Assessment allows companies to better understand and identify potential identity risk, all without the costs normally associated with such services.” — Sam Elliott, senior vice president of products, BeyondTrust

PRE Security Unveils GenAI EDR and MiniSOC — an Industry-first AI SOC-in-a-box solution for SME and MSSPs

PRE Security’s new GenAI Native EDR is designed for the AI-driven threat landscape, replacing outdated static, rule-based approaches with a fully generative and agentic AI design at the endpoint.

Key quote from the press release:

“Traditional EDR and XDR endpoint solutions suffer from the same limitations as legacy SIEM and SOC tools. Predetermined detection rules and response actions simply can’t keep pace with the speed and complexity of AI-driven threats. Our fully generative approach enables dynamic, intelligent detection, prediction, and response — both at the endpoint and across the SOC.” — Leo Versola, chief product officer, PRE Security

Proofpoint Releases Threat Report: The Human Factor 2025

Cyberattackers target people. They exploit people. Ultimately, they are people. The Human Factor report focuses on how technology and psychology combine to make people so susceptible to modern cyber threats.

Key stats from the report:

• Pure social engineering is featured in 25% of all advanced persistent threat (APT) campaigns.
• Advanced fee fraud increased by nearly 50%.
• More than 90% of pure social engineering APT campaigns pretend to be interested in collaboration and engagement.
• Extortion-based email fraud threats dropped by almost 70%.
• APT threat actors rely on benign conversation techniques for their phishing campaigns.
• Personalized security awareness training has the biggest impact.

Lumifi’s ShieldVision Delivers New Features, Enabling Faster, More Efficient Incident Response Without Increasing Headcount

Enhancements accelerate threat detection and remediation with scalable, enterprise-grade capabilities for any organization – from SMBs to MSSPs.

Key quote from the press release:

“The updates to ShieldVision represent a significant leap forward in our capabilities. Our priority is to provide the resources our customers need. We are addressing their concerns and challenges in today’s environment — from a global security skills shortage to the need for tools consolidation to reduce complexity and answering board-level mandates for automation and improved efficiency. With this release, organizations are able to swiftly scale cyber defenses with organizational growth and proactively defend against ransomware and emerging threats.” — Jay Bouche, chief revenue officer, Lumifi

Commvault Announces Next Evolution of Cleanroom Recovery that Further Reduces Risk of Restoring Compromised Infrastructure

Commvault extends the power of its advanced Cleanroom Recovery technology to MSPs focused on keeping enterprises resilient.

Key quote from the press release:

“When we built Cleanroom Recovery, we intentionally architected it as a cloud-native solution to fundamentally change how organizations approach recovery — not just after an incident, but proactively through automated, high-frequency testing. Unlike traditional approaches, cloud-based cleanrooms enable customers to spin up multiple isolated recovery environments in parallel, without concerns around compromised firmware or underlying hardware. And we’re not stopping at data recovery. We’re doubling down on infrastructure recovery, automation, and orchestration. As threat actors become more sophisticated, we’re helping our customers stay ahead with aggressive innovation and operational resilience at scale.” — Pranay Ahlawat, chief technology and AI officer, Commvault

Images: Syncro, HPE, Cybernews, OpenText, Zimperium