Monthly Archives: December 2025

December 2025 Patch Tuesday forecast: And it’s a wrap

It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, there is the large number of Microsoft products that have come to EOL/EOS near the end of this year. It seemed there was always a reason their products would get official extended support at the last minute, … More → The post December 2025 Patch Tuesday forecast: And it’s a wrap appeared first on Help Net Security.
http://news.poseidon-us.com/TPhZVZ

NVIDIA research shows how agentic AI fails under attack

Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class of systems also brings new kinds of risk that appear in the interactions between models, tools, data sources, and memory stores. A research team from NVIDIA and Lakera AI has released a safety and security framework that tries to map these risks and measure them inside real workflows. The work … More → The post NVIDIA research shows how agentic AI fails under attack appeared first on Help Net Security.
http://news.poseidon-us.com/TPhZTp

The Bastion: Open-source access control for complex infrastructure

Operational teams know that access sprawl grows fast. Servers, virtual machines and network gear all need hands-on work and each new system adds more identities to manage. A bastion host tries to bring order to this problem. It acts as a single entry point for sysadmins and developers who connect to infrastructure through ssh. This model is old in theory, but The Bastion open-source project shows how far a purpose-built access layer can go. A … More → The post The Bastion: Open-source access control for complex infrastructure appeared first on Help Net Security.
http://news.poseidon-us.com/TPhXxT

How to tell if your password manager meets HIPAA expectations

Most healthcare organizations focus on encryption, network monitoring, and phishing prevention, although one simple source of risk still slips through the cracks. Password management continues to open doors for attackers more often than leaders expect. Weak, reused, or shared passwords often play a part in breaches that involve protected health information. The HIPAA Security Rule expects organizations to manage authentication with care, and password managers can help satisfy these expectations when they are chosen and … More → The post How to tell if your password manager meets HIPAA expectations appeared first on Help Net Security.
http://news.poseidon-us.com/TPhXx6

Invisible IT is becoming the next workplace priority

IT leaders want their employees to work without running into digital hurdles, but many still struggle with fragmented systems that slow teams down. A new report from Lenovo sheds light on how widespread the problem has become and what organizations can do to reduce workplace friction. Complexity is holding digital workplaces back Hybrid work pushed companies to adopt new tools, devices and management platforms at speed. According to the research, enterprises now manage an average … More → The post Invisible IT is becoming the next workplace priority appeared first on Help Net Security.
http://news.poseidon-us.com/TPhWGh

CISOs are spending big and still losing ground

Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding, and AI is reshaping both threats and defenses. Still, CISOs say the fundamentals of risk reduction are not improving fast enough. Bigger budgets do not create confidence Organizations continue to increase cybersecurity spending across industries. … More → The post CISOs are spending big and still losing ground appeared first on Help Net Security.
http://news.poseidon-us.com/TPhWG6

Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creative cybersecurity strategies for resource-constrained institutions In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and still build resilience. He discusses the tension between open research and the need to protect sensitive information, noting that workable solutions come from understanding how people get their jobs done. … More → The post Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold appeared first on Help Net Security.
http://news.poseidon-us.com/TPgtPd

AI’s climate impact is much smaller than many feared

New findings challenge the widespread belief that AI is an environmental villain. By analyzing U.S. economic data and AI usage across industries, researchers discovered that AI’s energy consumption—while significant locally—barely registers at national or global scales. Even more surprising, AI could help accelerate green technologies rather than hinder them.
http://news.poseidon-us.com/TPgNLd

The “impossible” LED breakthrough that changes everything

Scientists have discovered how to electrically power insulating nanoparticles using organic molecules that act like tiny antennas. These hybrids generate extremely pure near-infrared light, ideal for medical diagnostics and advanced communications. The approach works at low voltages and surpasses competing technologies in spectral precision. Early results suggest huge potential for future optoelectronic devices.
http://news.poseidon-us.com/TPgHgb

Deere CIO to retire after 28 years with the company

Raj Kalathur, who was also the president of John Deere Financial, will remain in both roles until Jan. 31, 2026.
http://news.poseidon-us.com/TPfqW5