433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread To set the stage, the attackers are first standing up fraudulent GitHub repositories that ostensibly host popular software for MacOS. Then they push unsuspecting users towards those pages. “The threat actors are using Search Engine Optimization … More → The post Malicious GitHub pages lure MacOS users into installing Atomic infostealer appeared first on Help Net Security.
http://news.poseidon-us.com/TNDDBl

Stellar Cyber 6.1 equips SecOps teams with multi-layer AI

Stellar Cyber announced Stellar Cyber 6.1, designed to help customers and partners advance toward a human-augmented autonomous SOC. With Stellar Cyber 6.1, organizations gain new levels of visibility, speed, and control. Powered by multi-layer AI, the platform is open and unifying, eliminating silos across logs, networks, identities, and endpoints. By combining agentic AI-driven investigations, customizable anomaly detection, and third-party integrations, this release equips SecOps teams and MSSPs to do better work faster while keeping humans … More → The post Stellar Cyber 6.1 equips SecOps teams with multi-layer AI appeared first on Help Net Security.
http://news.poseidon-us.com/TNDCvg

The case for secure multi-cloud

Mixing and matching services to meet mission needs and avoid vendor lock-in is a key strategy for agencies to keep up with the pace of modernization. The post The case for secure multi-cloud first appeared on Federal News Network.
http://news.poseidon-us.com/TNDChf

The case for secure multi-cloud

Mixing and matching services to meet mission needs and avoid vendor lock-in is a key strategy for agencies to keep up with the pace of modernization. The post The case for secure multi-cloud first appeared on Federal News Network.
http://news.poseidon-us.com/TNDCgk

Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability

A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters.  This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-bypass-HHUVujdn This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2025-20221
http://news.poseidon-us.com/TND9VK

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization vulnerability in the License servlet of Fortra’s GoAnywhere MFT managed file transfer solution, which is widely used by organizations of all sizes. The solution can be deployed on-premises, in the cloud, and in hybrid environments. According … More → The post Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) appeared first on Help Net Security.
http://news.poseidon-us.com/TND418

How Juventus protects fans, revenue, and reputation during matchdays

In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has developed a threat-led, outcomes-driven program that balances innovation with protections across matchdays, e-commerce, and digital platforms. Rinaldini shares lessons in governance, workforce awareness, and AI-enabled risk management that other high-stakes organizations can apply. Juventus is one of the world’s most high‑profile football clubs, which naturally makes it a target. How … More → The post How Juventus protects fans, revenue, and reputation during matchdays appeared first on Help Net Security.
http://news.poseidon-us.com/TNCjqw