Live incidents, security alerts, and curated updates across Microsoft, Apple, Cisco, Google, Zoom, Neat, Slack, Atlassian and more β plain English for everyone, technical depth for IT pros.
Security alert: Windows CLFS zero-day (CVE-2026-29824) actively exploited by ransomware β patch KB5042314 immediately on Windows 10, 11 or Server 2019/2022. Details below β
ACTION NOWCVE-2026-29824: privilege escalation in the Windows CLFS driver, CVSS 9.8. A working PoC is live on GitHub and multiple ransomware groups are actively exploiting it. Patch KB5042314 is available via Windows Update and WSUS β deploy it today.
CVE-2026-31220: unauthenticated RCE in FortiGate SSL-VPN, affecting 7.0.xβ7.4.x. Update to FortiOS 7.4.5 immediately. If patching isn't possible, disable SSL-VPN access temporarily.
CVE-2026-20198 allows unauthenticated remote attackers to create level-15 admin accounts on Cisco IOS XE devices with the HTTP/HTTPS UI exposed. CVSS 10.0. Affects IOS XE 17.x. Disable the HTTP server if not needed: no ip http server / no ip http secure-server. Patch to 17.9.4a.
Microsoft is shutting down the old per-user MFA management portal on June 30. After that, MFA must be managed through Conditional Access policies or Security Defaults only. Migrate your CA policies now β users without one may be blocked from signing in.
macOS 15.5 has tighter Gatekeeper enforcement and background task changes that affect some EDR agents and VPN clients. Test in a pilot group before pushing to your whole Mac fleet.
The May wave brings Copilot to the Excel formula bar, deeper Teams meeting summaries with action items, and a new BizChat interface replacing M365 Chat. Rolling out May 12 for Business Premium, E3, E5. Pilot with a small group first β the BizChat change catches users off guard.
MX 18.x is now generally available for all Meraki MX appliances. Key additions: enhanced SD-WAN health monitoring, automatic path selection improvements, and new application-aware QoS rules. Upgrade from the Meraki dashboard β test on non-production MX first as VPN behaviour changes slightly.
Cisco has rolled the Webex AI Meeting Assistant (real-time transcription, summaries, action item extraction) into all Webex plan tiers at no extra cost. Direct competitor to Microsoft Teams Premium AI features. If your org uses Webex, this is now available β no licence upgrade needed.
Cisco Umbrella now includes a Zero Trust Network Access (ZTNA) module for SMB plans. Replaces legacy VPN for application access β users authenticate per-app rather than getting broad network access. Worth evaluating if you're looking to retire your current VPN.
Zoom AI Companion 2.0 adds real-time conversation translation, smarter meeting summaries with auto-assigned action items, and improved whiteboard intelligence β now included on all paid Zoom plans at no extra cost. No licence upgrade needed. Admins can enable or restrict it per user group in the Zoom Admin Portal under AI Companion settings.
Neat has released firmware 2.8.0 for Neat Board Pro, adding full support for Zoom AI Companion 2.0 and improved Microsoft Teams Room reliability. Neat Pulse (their cloud MDM) now supports bulk firmware scheduling, per-device health alerts, and a new diagnostic dashboard for IT admins managing larger Neat deployments. Auto-update can be configured via Neat Pulse under Device Management.
Slack AI channel and thread summaries are now generally available for all Enterprise Grid and Pro plan customers. Salesforce has also completed the Agentforce integration β AI agents can now take actions in Slack (create tasks, update CRM records, trigger workflows) without leaving the conversation. Admins can manage Slack AI access per workspace in Admin Settings > Slack AI.
Google has completed the rollout of Gemini AI integration across Docs, Sheets, Slides, Gmail and Meet for all Workspace Business and Enterprise plans. "Help me write", "summarise this thread" and "generate slides" are now available without add-ons. For IT admins: Gemini can be toggled per OU in the Admin Console under Apps > Additional Google Services.
Google Cloud has expanded the sydney-southeast1 region with new services: AlloyDB, Spanner, and Vertex AI are now available locally. Cloud Run pricing has been reduced ~35% for request-based billing. Good time to review if AU data residency requirements can now be met with GCP where previously you needed a workaround.
YouTube is tightening Data API v3 quotas and restricting certain third-party app access from July 1 2026. Relevant for businesses using YouTube for corporate comms, training content or social automation. Check your YouTube Data API usage in Google Cloud Console and ensure you're within new limits.
Atlassian Server end of life passed February 15 2026. If you're still running self-hosted Jira Server, Confluence Server, or Bitbucket Server, you are now on unsupported software receiving no security patches. Migrate to Atlassian Cloud or Data Center. Atlassian is offering migration credits β use them now.
Atlassian Rovo β their AI search and knowledge assistant β is now generally available for all Jira and Confluence Cloud customers on Standard plan and above. Rovo can search across Confluence, Jira, Google Drive and Slack from one place. Jira issue summaries and sprint retrospective AI are also now included.
DDM for macOS is now GA in Intune. Replaces the older MDM check-in model with push-based commands β faster policy enforcement and better Apple Silicon support. Enable in your macOS config profiles. Pairs with Platform SSO for passwordless sign-in.
Recall takes rolling screenshots of your screen and makes them searchable with AI. Opt-in, stored locally, encrypted. Rolling out to Copilot+ hardware in Australia from May 20. Regulated industries should disable via Intune policy: WindowsAI/DisableAIDataAnalysis.
Apple's developer conference Jun 9β13. Leaks point to macOS 16 dropping support for Intel Macs pre-2019, iOS 20 expanding Apple Intelligence. Early WWDC betas often break MDM profiles β hold off testing on production managed devices until beta 3+.
New EC2 instances after July 15 will have IMDSv1 disabled by default. Migrate any workloads still calling the metadata service without session tokens to IMDSv2. Use the CloudWatch metric MetadataNoToken to find remaining IMDSv1 calls.
Android 16 targets Q3 2026. Key changes: stricter work profile data isolation, Device Admin API deprecation (migrate to Android Enterprise now), and new health attestation for zero-trust posture checks. Start updating MDM policies now.
Ubuntu 24.04.2 LTS is out with kernel 6.11 β improved support for Intel Lunar Lake and AMD Strix. Existing 24.04 installs get this via regular updates. For new deployments, use the 24.04.2 ISO to avoid a long post-install update run.
Core Ultra 200H and 200U (Arrow Lake) deliver 20β30% better battery life in mixed workloads and meet Microsoft's Copilot+ requirements. Our recommendation: hold out for Arrow Lake devices this refresh cycle rather than buying older Raptor Lake stock at a discount.
π‘
No updates match this filter yet β check back soon.
Posts appear with an "Onside IT" badge.
Good question β and honestly, a fair one to ask before trusting anything on here.
The Tech Radar is updated by the Onside IT team, usually a few times a week. When something significant happens β a zero-day drops, a major product ships, a service goes down, or a deadline is approaching β we add it here manually. We read the vendor blogs, the security feeds, and the IT community forums so you don't have to wade through all of it yourself.
The live incidents panel is now fully automatic. It polls the public status APIs from Atlassian, Slack, Zoom, GitHub and Cloudflare every 5 minutes and updates in real time β no page refresh needed. For Microsoft 365, AWS, Google Workspace and Cisco, those vendors don't expose public CORS-friendly APIs, so we show a direct "Check status" link to their official status pages instead. We're monitoring those manually.
The content cards are written by us. We pull from sources like BleepingComputer, Krebs on Security, the Microsoft Tech Community, vendor blogs, and our own day-to-day work with clients across Sydney. If something is affecting businesses we're working with, it goes on here.
We're not a 24-hour news desk β but if something critical happens overnight, we aim to have it up the next morning. For genuine emergencies, call us directly.
Something missing or out of date? Let us know β we appreciate the heads up.