Are We Closing the Gender Gap in Cybersecurity?

Blog

Byadmblake March 20, 2025

Answer: Nope. But let’s look at the trends — because they matter for security.

Blog

New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems

Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first…

Read More New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Blog

Identity Security Has an Automation Problem—And It’s Bigger Than You Think

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core…

Read More Identity Security Has an Automation Problem—And It’s Bigger Than You Think
Blog

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. The

Read More Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature
Blog

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev, mimics SymPy, replicating the latter’s project description verbatim in an attempt to deceive unsuspecting users into thinking that…

Read More Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts
Blog

VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that’s under development to its users. The extensions, named “ahban.shiba” and “ahban.cychelloworld,” have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a

Read More VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Blog

Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues

While the cloud vulnerability was fixed prior to disclosure, the researcher who discovered it says it could have led to catastrophic attacks.

Read More Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues

Related