Monthly Archives: March 2026

The AI safety conversation is focused on the wrong layer

Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that fragmentation was manageable. Humans log in, log out, and make decisions slowly enough that gaps in control rarely turned into immediate incidents. AI agents operate differently. “AI agents change that completely,” said Ev Kontsevoy, CEO of Teleport. “Now you’re introducing non-deterministic actors that don’t sleep, don’t follow predictable paths, and can … More → The post The AI safety conversation is focused on the wrong layer appeared first on Help Net Security.
http://news.poseidon-us.com/TRgZ1v

Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)

Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engineering with Cloud Software Group (Citrix’s parent company), stated on Saturday that Cloud Software Group “is not aware of any unmitigated exploit available for either CVE 2026-3055 or CVE 2026-4368.” Still, as both vulnerabilities can be exploited in low-complexity … More → The post Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055) appeared first on Help Net Security.
http://news.poseidon-us.com/TRgYz6

Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months

A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested in Italy and extradited to the United States where he pleaded guilty. According to prosecutors, Volkov was an initial access broker who found vulnerabilities in computer networks, gained unauthorized access, and sold that access to other cybercriminals. Volkov’s co-conspirators … More → The post Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months appeared first on Help Net Security.
http://news.poseidon-us.com/TRgQG2

Darktrace expands MSSP offering with AI-driven managed email security

Darktrace has launched its managed security service for MSSPs, enabling partners to deliver AI-native email security with real-time detection, investigation, and response across the email ecosystem. The launch is supported by updates to the Darktrace Defenders Partner Program designed to provide flexibility and scalability for partners at every stage of their services maturity, helping them expand security offerings and deliver AI-native protection to customers around the world. Email threats continue to grow in sophistication as … More → The post Darktrace expands MSSP offering with AI-driven managed email security appeared first on Help Net Security.
http://news.poseidon-us.com/TRgQFz

Novee introduces autonomous AI red teaming to hunt LLM vulnerabilities

Novee today introduced AI Red Teaming for LLM Applications for its AI penetration testing platform, designed to uncover security vulnerabilities in LLM-powered applications before attackers can exploit them. Enterprises are deploying AI-enabled software, from customer-facing chatbots to internal copilots and autonomous agents, and security teams are now facing a new class of risks, including prompt injection, jailbreak attempts, data exfiltration, and manipulation of agent behavior that traditional pentesting tools were never designed to detect. Unlike … More → The post Novee introduces autonomous AI red teaming to hunt LLM vulnerabilities appeared first on Help Net Security.
http://news.poseidon-us.com/TRgQFC

32% of top-exploited vulnerabilities are over a decade old

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined rapid weaponization with long-term exposure spanning infrastructure, identity systems, and user workflows. Top-targeted vulnerabilities show speed and persistence Newly disclosed vulnerabilities moved into active exploitation with little delay. React2Shell became the most targeted vulnerability of … More → The post 32% of top-exploited vulnerabilities are over a decade old appeared first on Help Net Security.
http://news.poseidon-us.com/TRgQCj