433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

PureLogs infostealer is stealing credentials worldwide

A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure to pressure the victim into opening it quickly: The phishing email carrying the malicious TXZ archive (Source: Fortinet) The extracted JavaScript stores malicious commands in process environment variables (which are also filled … More → The post PureLogs infostealer is stealing credentials worldwide appeared first on Help Net Security.
http://news.poseidon-us.com/TScY2b

Selector extends AI-driven observability into multi-cloud environments

Selector has announced the expansion of its platform with AI-powered multi-cloud observability capabilities. The extension of Selector’s AI-driven observability approach into multi-cloud environments enables organizations to correlate signals across the full hybrid path. By unifying rich telemetry data from cloud, network, and infrastructure into a shared intelligence layer, Selector gives teams a more complete, actionable view of incidents and true root cause. As cloud adoption and hybrid infrastructure expansion have become the operational norm, teams … More → The post Selector extends AI-driven observability into multi-cloud environments appeared first on Help Net Security.
http://news.poseidon-us.com/TScY2Z

LaunchDarkly adds real-time controls for AI agents in production

LaunchDarkly has launched AgentControl, a new solution that gives software teams real-time control over AI agents in production. With AgentControl, teams can change how an agent behaves at runtime without redeploying the underlying application. As AI agents move into production, engineering teams need new ways to manage configuration, quality, and runtime behavior. Unlike traditional code, agent behavior may vary across models, prompts, and production contexts, even when application code remains unchanged. Once deployed, agent configurations … More → The post LaunchDarkly adds real-time controls for AI agents in production appeared first on Help Net Security.
http://news.poseidon-us.com/TScY2X

Canonical ships Ubuntu Core 26 with 15 years of security maintenance

Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical released Ubuntu Core 26, the latest long-term supported version of its minimal, immutable operating system, with security maintenance lasting up to 15 years. The release targets devices subject to the European Union’s Cyber Resilience Act and customers running attested edge AI workloads. Every component on … More → The post Canonical ships Ubuntu Core 26 with 15 years of security maintenance appeared first on Help Net Security.
http://news.poseidon-us.com/TScY2V

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain

A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found. ClickFix gives way to a new delivery method Consistent with earlier SHub versions, Reaper uses a multi-stage execution chain. Researchers said this variant shifts away from standard ClickFix social engineering techniques, where victims are tricked into pasting commands into … More → The post New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain appeared first on Help Net Security.
http://news.poseidon-us.com/TScY2R

The end of unencrypted Discord calls is here

Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and video in 2023, starting a long-term effort. End-to-end encryption allows only participants in a call to access its content, while Discord does not have access to media encryption keys. Since then, the company introduced DAVE, an open and audited E2EE protocol developed for … More → The post The end of unencrypted Discord calls is here appeared first on Help Net Security.
http://news.poseidon-us.com/TScY1J