433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Meet Fractal, an OS made for microarchitecture reverse engineering

Probing how a CPU isolates user code from kernel code is messy work. Researchers patch kernels, write drivers, or boot stripped-down bare-metal programs, and any of those choices change variables they were trying to hold still. Fractal, a new operating system from MIT CSAIL, was built to take that mess out of the loop, and its authors used it to surface previously undocumented behavior in the Apple M1 branch predictor. Joseph Ravichandran and Mengjia Yan … More → The post Meet Fractal, an OS made for microarchitecture reverse engineering appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJ8T

Downtime has become a $600 billion business problem

The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime report, unplanned outages and service degradation cost each company an average of $300 million. Percentage of technology executives who consider a direct cost very or prohibitively disruptive (2024 versus 2026) (Source: Splunk) The consequences of an outage Delayed product launches, brand damage, and stock declines continue to affect … More → The post Downtime has become a $600 billion business problem appeared first on Help Net Security.
http://news.poseidon-us.com/TSgC4k

The new economics of fraud: Cheaper, faster, more convincing

Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s Spring 2026 Biannual Threats Report. Criminals redirect efforts toward trust and third parties Fraud involves behavioral manipulation, fragmented ecosystems, and faster attack cycles that use AI to pressure people into authorizing payments themselves. The payments ecosystem continues to strengthen core defenses. Token fraud declined 9.6% and enumeration losses fell 16% from July through … More → The post The new economics of fraud: Cheaper, faster, more convincing appeared first on Help Net Security.
http://news.poseidon-us.com/TSg35M

New infosec products of the week: May 22, 2026

Here’s a look at the most interesting products from the past week, featuring releases from ASAPP, Babel Street, CTERA, Forward, Riverbed, and Trust3 AI. Babel Street targets AI-driven threats with new agentic investigation capabilities Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work while ensuring analysts remain in control of scope, logic, and outcomes of their missions. As part of the Babel … More → The post New infosec products of the week: May 22, 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TSg1s9

Microsoft open-sources tools for designing and testing AI agents

Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests its own AI systems, and both tools have been used internally before being open-sourced. RAMPART: A test harness RAMPART is built on top of PyRIT, Microsoft’s existing open-source red-teaming library, and is designed to slot … More → The post Microsoft open-sources tools for designing and testing AI agents appeared first on Help Net Security.
http://news.poseidon-us.com/TSfff4

Authorities dismantle First VPN, used by ransomware actors

First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust, dismantled 33 servers linked to the service and interviewed the operator in Ukraine. The targeted domain names were shut down through international cooperation between law enforcement and judicial authorities. The seized domains included 1vpns.com, … More → The post Authorities dismantle First VPN, used by ransomware actors appeared first on Help Net Security.
http://news.poseidon-us.com/TSfbq9

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of the otherwise benign extension was used to steal secrets and developer credentials, which were then used to move through CI/CD pipelines and exfiltrate around 3,800 of GitHub’s private code repositories. One missed token, many victims The company … More → The post GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise appeared first on Help Net Security.
http://news.poseidon-us.com/TSfbpG

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The vulnerabilities CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware Protection Engine improperly resolving links before accessing files. “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft noted. CVE-2026-45498 can cause a denial-of-service (DoS) state, i.e., it can be used to prevent … More → The post Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498) appeared first on Help Net Security.
http://news.poseidon-us.com/TSfR58