
Internal Cybersecurity Risks in Organizations

When most people think of cybersecurity threats, they picture outside attackers trying to breach the network. But often, the biggest risks are already inside. Whether it’s human error, shadow IT, or poor policy enforcement, internal vulnerabilities can be just as damaging. In this blog, we’ll explore five commonly overlooked cybersecurity risks within organizations and how you can proactively address them.

One Click Is All It Takes: The Danger of CSRF Attacks

Cross-site request forgery (CSRF) is a dangerous and stealthy web security vulnerability that exploits the trust a web application places in a user's browser. A successful CSRF attack tricks an authenticated user into performing operations without their consent, such as modifying an account or making a payment or financial transaction. Most alarming is that CSRF attacks usually go unnoticed by end users, which makes defending against them difficult.

CVE-2025-32756: Exploitation of Critical Severity Zero-Day Vulnerability in Fortinet FortiVoice

On May 13, 2025, Fortinet published a security advisory on a critical severity stack-based overflow vulnerability, CVE-2025-32756, impacting FortiVoice, FortiCamera, FortiMail, FortiNDR, and FortiRecorder. The vulnerability allows remote unauthenticated threat actors to execute arbitrary code or commands via crafted HTTP requests. In the advisory Fortinet stated that the vulnerability has been exploited in the wild on FortiVoice.

Actions to Take Following the M&S Cyber Attack

In light of the recent disclosure by Marks & Spencer (M&S) regarding a cyber attack that resulted in the theft of customer data, we strongly recommend that if you are affected you take immediate and proactive steps to protect your digital identity and reduce the risk of further compromise.

A practitioner's guide to classifying every asset in your attack surface

“You can’t secure what you don’t know exists.” It’s a common refrain in cybersecurity (and for good reason!). But the reality is a bit more complex: it’s not enough to just know that something exists. To effectively secure your assets, you need to understand what each of them is. Without proper classification, applying the right security processes or tools becomes a guessing game.

SBOM 2.0: Runtime Visibility, License Intelligence, Unmatched Container Security

We’re excited to announce a major enhancement to the ARMO platform: Full Software Bill of Materials (SBOM) with Runtime Visibility and Open Source License Insights. In today’s threat landscape, it’s not enough to know what went into your containerized applications. You need to know what’s actually running, how it’s behaving, and whether it introduces compliance or legal risks. ARMO’s new SBOM capability delivers just that.

Enabling Safe AI Adoption: Insights from Nightfall AI and Vanta

How should data security teams walk the fine line between enabling AI innovation, safeguarding sensitive data, and ensuring compliance? That question drives everything we build at Nightfall. It’s also an excellent jumping-off point for an in-depth discussion among security experts.

You're Invited: Delivering malware via Google Calendar invites and PUAs

On March 19th, 2025, we discovered a package called os-info-checker-es6 and were taken aback. We could tell it was not doing what it said on the tin. But what's the deal? We decided to investigate the matter and initially hit some dead ends. But patience pays off, and we eventually got most of the answers we sought. We also learned about Unicode PUAs (No, not pick-up artists). It was a roller coaster ride of emotions!

Introducing AI-Driven Policy Management for Better Security

Firewall policy management has reached a critical point, characterized by misconfigurations, overly complex rules, and ongoing audits. The burden continues to fall on already-stretched security teams. For CISOs, the question isn’t whether policies are being enforced; it’s whether they’re aligned, effective, and resilient across every location and environment.