Software supply chain hacks trigger wave of intrusions, data theft

After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply chain attacks (linked to TeamPCP). “This could enable further software supply chain attacks, software as a service (SaaS) environment compromises (leading to downstream customer compromises), ransomware and extortion events, and cryptocurrency theft over the near term,” … The post Software supply chain hacks trigger wave of intrusions, data theft appeared first on Help Net Security.
http://news.poseidon-us.com/TRrJJw

New Red Hat subscription simplifies long-term enterprise Linux support

Red Hat has announced Red Hat Enterprise Linux Extended Life Cycle Premium, a new subscription that provides a predictable 14-year life cycle for major Red Hat Enterprise Linux releases. This stand-alone subscription consolidates extended support, simplifying the management of multiple support streams. It helps organizations maintain their most sensitive, change-averse workloads on a single, hardened foundation for more than a decade. As enterprises deploy full-scale production, the underlying infrastructure relies on consistency. Frequent minor release … The post New Red Hat subscription simplifies long-term enterprise Linux support appeared first on Help Net Security.
http://news.poseidon-us.com/TRr661

DarkSword exploit forces Apple to loosen its patching policy

Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based on vulnerability severity. Allowing iOS 18 users to receive patches without upgrading to iOS 26, however, signals a shift in its long-standing security approach following the discovery of the DarkSword and Coruna exploit kits. When iOS 26 … The post DarkSword exploit forces Apple to loosen its patching policy appeared first on Help Net Security.
http://news.poseidon-us.com/TRqwlx

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered.

Figure: Malicious client update attack chain (Source: Check Point)

Trusted update mechanism turned into attack vector

TrueConf is a videoconferencing platform designed to run on private local networks (LANs) without internet access, which makes it attractive to government departments, defense institutions, and critical infrastructure operators. Consequently, the solution is … The post TrueConf zero-day vulnerability exploited to target government networks appeared first on Help Net Security.
http://news.poseidon-us.com/TRqpl5