433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco UCS Manager Software Privilege Escalation Vulnerability

A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system.   This vulnerability exists because unnecessary privileges are given to the user. An attacker could exploit this vulnerability by authenticating to a device as a read-only user and connecting to the NX-OS CLI. A successful exploit could allow the attacker to create or overwrite files in the file system or perform limited privileged actions on an affected device.    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.  This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-afwae-mOgUfyLn This advisory is part of the February 2026 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2026 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2026-20037
http://news.poseidon-us.com/TR8rPg

A simple chemical tweak could supercharge quantum computers

Quantum computers need special materials called topological superconductors—but they’ve been notoriously difficult to create. Researchers have now shown they can trigger this exotic state by subtly adjusting the mix of tellurium and selenium in ultra-thin films. That tiny chemical tweak changes how electrons interact, effectively turning a quantum phase “dial” until the ideal state appears. The result is a more practical path toward building stable, next-generation quantum devices.
http://news.poseidon-us.com/TR8qn9

Anthropic’s Remote Control feature brings Claude Code to mobile devices

Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The feature is rolling out as a research preview to Max users. This is another in a series of additions the company has introduced recently, following Claude Opus 4.6, Claude Sonnet 4.6, and Claude Code Security. “Unlike Claude Code on the web, which runs on cloud infrastructure, Remote … More → The post Anthropic’s Remote Control feature brings Claude Code to mobile devices appeared first on Help Net Security.
http://news.poseidon-us.com/TR8hr8

SolarWinds Serv-U hit by four critical RCE-level vulnerabilities

SolarWinds has fixed four critical vulnerabilities in its popular Serv-U file transfer solution, which is used by businesses and organizations of all sizes. If exploited, the flaws may allow attackers to create a system admin user and/or execute code as a privileged account. The SolarWinds Serv-U vulnerabilities SolarWinds Serv-U runs on Windows or Linux and lets users securely transfer files between computers or systems using standard protocols like FTP, FTPS, SFTP, HTTP, and HTTPS. It … More → The post SolarWinds Serv-U hit by four critical RCE-level vulnerabilities appeared first on Help Net Security.
http://news.poseidon-us.com/TR8cxc

Reddit fined $19.5 million for failing to protect children’s personal data

The UK’s Information Commissioner’s Office (ICO) has fined Reddit $19.5 million after finding that the company failed to use children’s personal information lawfully, exposing them to inappropriate and harmful content. The investigation found that Reddit did not apply an age assurance mechanism and therefore did not have a lawful basis for processing the personal information of children under 13. The company also failed to carry out a data protection impact assessment to assess and mitigate … More → The post Reddit fined $19.5 million for failing to protect children’s personal data appeared first on Help Net Security.
http://news.poseidon-us.com/TR8cty

Ex-L3Harris executive sentenced to 87 months for selling stolen cyber-exploit trade secrets

Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has been sentenced to 87 months in prison by a federal judge in Washington, D.C., after pleading guilty to stealing and selling sensitive cyber-exploit trade secrets to a Russian broker. Williams admitted his actions caused the defense contractor an estimated $35 million in losses. The judge also ordered three years of supervised release and the forfeiture of a $1.3 million money judgment, cryptocurrency, a house, … More → The post Ex-L3Harris executive sentenced to 87 months for selling stolen cyber-exploit trade secrets appeared first on Help Net Security.
http://news.poseidon-us.com/TR8XkG

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused by attackers abusing the flaw. Because public disclosures from the Japanese CERT Coordination Center (JPCERT/CC) and a ransomware incident reported by Japan’s Washington Hotel occurred around the same time, there has been speculation that CVE-2026-25108 may … More → The post CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) appeared first on Help Net Security.
http://news.poseidon-us.com/TR8Xk8

Apple blocks 18+ app downloads in select markets

Apple has introduced expanded age assurance tools to help developers comply with regulations taking effect in Brazil, Australia, Singapore, Utah, and Louisiana. The updates, available in beta, expand the Declared Age Range API and related App Store systems. Age-based download restriction As of February 24, 2026, Apple began blocking users from downloading apps rated 18+ in Brazil, Australia, and Singapore unless the user is confirmed to be an adult. The App Store performs age confirmation … More → The post Apple blocks 18+ app downloads in select markets appeared first on Help Net Security.
http://news.poseidon-us.com/TR8XhS

Cyber valuations climb as capital concentrates, AI security expands

Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into fewer than 100 deals. Cybersecurity investment areas (Source: PitchBook) In Q4 alone, fewer than 100 transactions represented more than $34 billion in investment, and multiple financings surpassed the $1 billion mark. Companies continued to extend … More → The post Cyber valuations climb as capital concentrates, AI security expands appeared first on Help Net Security.
http://news.poseidon-us.com/TR8Lfm