Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On June 2, 2025, Hewlett Packard Enterprise (HPE) released fixes for multiple vulnerabilities affecting HPE StoreOnce VSA, an enterprise backup storage solution. The most severe of these was CVE-2025-37093, a critical authentication bypass vulnerability discovered by the Zero Day Initiative (ZDI). The flaw resides in the implementation of the machineAccountCheck method and stems from improper handling of an authentication algorithm.

AI is not just reshaping cybersecurity. It is exposing where many organizations remain vulnerable. While attackers are racing ahead with AI-powered tools, too many defenders are still relying on outdated strategies, siloed data, and manual processes. In conversations with security leaders, I hear the same concern repeatedly. The anxiety is not just about AI-enhanced threats. It is about the growing sense that defenders are falling behind.

At BSides312 in Chicago, experts showed that defending systems requires defending people, with trust, inclusion, and communication as key controls. Defense is deeply human.

Modern infrastructure is increasingly run by automated systems, not people. Bots push code. Runners deploy to prod. Agents orchestrate cloud resources. And increasingly, AI models trigger actions directly through prompt-driven automation. Welcome to the era of non-human identities (NHIs): the invisible workforce operating behind modern digital systems.

Similar to Ollama and llama.cpp, LlamaIndex provides an application layer for connecting your data to LLMs and interacting with it through a chat interface. While LlamaIndex is an open source project like other LLM application frameworks, LlamaIndex is also a company, with a recent Series A, a commercial offering, and a more polished aesthetic than their strictly DIY counterparts.

The explosion of generative artificial intelligence tools is sparking a wave of enthusiasm in workplaces, with employees eagerly embracing new applications to boost productivity and innovation. However, this adoption often leads to a new phenomenon known as shadow AI—the use of artificial intelligence tools within an organization without explicit approval or oversight from IT and security teams. Unsanctioned use of AI creates significant (and often invisible) security blind spots.

Research is what turns cybersecurity from a reactive scramble into a proactive discipline. It’s how security teams uncover new threats, pressure-test defenses, and understand the unintended consequences of innovation (especially as AI Agents reshape the attack surface).At Zenity, research isn’t a side effort. It’s how we build, challenge, and ultimately secure what’s next.

Privileged Access Management (PAM) plays a crucial role in protecting sensitive data by controlling, monitoring and limiting access to systems and accounts. PAM focuses specifically on managing accounts with elevated permissions, such as administrator or root accounts. These accounts, if compromised or misused, can pose significant security risks and potentially lead to severe data breaches.

When it comes to safeguarding your most vital data and digital operations, clinging to legacy systems and outdated processes isn’t just a bottleneck – it’s a liability. Organizations that delay necessary upgrades or operate with patchwork security frameworks not only accumulate tech debt but are extending an open invitation for cyber criminals to exploit vulnerabilities. Take a hard look at your current systems. Are they equipped to keep up with modern threats?