433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

A full-circle approach to enterprise technology needs to center on mission, explains SAIC’s CTO

Creating mission value hinges on leaning into the latest tech but also being pragmatic enough to know when to opt for COTS over custom dev, SAIC’s Bob Ritchie says. The post A full-circle approach to enterprise technology needs to center on mission, explains SAIC’s CTO first appeared on Federal News Network.
http://news.poseidon-us.com/TLL8l6

TDR is an opportunity for partnership

TDR provides GSA with market intelligence about the pricing for the specific goods and services purchased under a MAS transaction. The post TDR is an opportunity for partnership first appeared on Federal News Network.
http://news.poseidon-us.com/TLL7MD

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers revealed on Thursday. The attacks happened in January and early February 2025. “We believe that this infection would not have been visible to the target,” the researchers noted.

About CVE-2025-43200

CVE-2025-43200 is a logic issue triggered when the Apple smartphone processed a maliciously crafted photo or video shared …

The post iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) appeared first on Help Net Security.
http://news.poseidon-us.com/TLL61Q

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Insikt Group exposes GrayAlpha’s evolving infrastructure and infection methods—including PowerNet and MaskBat loaders, fake 7-Zip sites, and the undocumented TAG-124 network—linking the group to FIN7’s advanced cybercriminal operations.
http://news.poseidon-us.com/TLL5f7

What every American should know about our spy history

“I’m not sure that we will be either more secure or more free in the future. And intelligence is one of the big reasons why,” said Jeff Rogg. The post What every American should know about our spy history first appeared on Federal News Network.
http://news.poseidon-us.com/TLL184

Changes coming to TSP’s Lifecycle Funds

The Thrift Savings Plan board will also be rolling over the current L 2025 Fund into its broader Income Fund. The post Changes coming to TSP’s Lifecycle Funds first appeared on Federal News Network.
http://news.poseidon-us.com/TLKy54

StackHawk Sensitive Data Identification provides visibility into high-risk APIs

StackHawk announced Sensitive Data Identification to give security teams visibility into high-risk APIs across thousands of code repositories within an organization. With most security teams only aware of approximately 10% of their API attack surface, StackHawk illuminates the complete API landscape, including shadow APIs, zombie APIs that are no longer under active development, and ghost APIs that bypass traditional gateways. Leveraging StackHawk’s existing API Discovery platform, which automatically uncovers APIs directly from source code repositories, …

The post StackHawk Sensitive Data Identification provides visibility into high-risk APIs appeared first on Help Net Security.
http://news.poseidon-us.com/TLKn6F

Unpacking the security complexity of no-code development platforms

In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data flow, identity propagation, and control logic. Shulman also addresses why vulnerabilities in no-code applications go far beyond simple misconfigurations or insecure defaults.

How does the abstraction layer in no-code environments complicate visibility into data flow, identity propagation, or control logic?

The use of no-code tools to generate custom applications in …

The post Unpacking the security complexity of no-code development platforms appeared first on Help Net Security.
http://news.poseidon-us.com/TLKjRj

What CISOs need to know about agentic AI

GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: agentic AI. These systems don’t just answer questions. They make decisions, take action, and in some cases, even work together to get things done. Naturally, CISOs are starting to ask the big question: can we trust it to be secure? Agentic AI has the potential to …

The post What CISOs need to know about agentic AI appeared first on Help Net Security.
http://news.poseidon-us.com/TLKjRM

Security flaws in government apps go unpatched for years

78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with ‘critical’ security debt, representing long-standing vulnerabilities with severe risk potential.

[Figure: Public sector flaw remediation timeline based on survival analysis (Source: Veracode)]

Public sector security debt exceeds industry average

The research reveals that public sector entities require an average of 315 days to fix half their software vulnerabilities, significantly higher …

The post Security flaws in government apps go unpatched for years appeared first on Help Net Security.
http://news.poseidon-us.com/TLKjQ6