433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)

CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls. “In CISA’s analysis of agency-reported data, CISA has identified devices marked as ‘patched’ in the reporting template, but which were updated to a version of the software that is still vulnerable to the threat activity outlined in [Emergency Directive 25-03, released on September 25, 2025],” the agency stated on Wednesday. “CISA … More → The post “Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) appeared first on Help Net Security.
http://news.poseidon-us.com/TPFQtp

TrojAI Defend for MCP brings real-time security, visibility, and policy enforcement to agentic AI

TrojAI has launched its new AI runtime defense solution for agentic AI workflows, TrojAI Defend for MCP. Model Context Protocol (MCP) is an open protocol that allows AI agents to connect with external data, tools, and services in a standardized way enabling AI innovation at a rapid pace. TrojAI Defend for MCP was built to monitor traffic to and from MCP servers, providing unified visibility, policy analysis, and runtime enforcement across agents and MCP gateways. … More → The post TrojAI Defend for MCP brings real-time security, visibility, and policy enforcement to agentic AI appeared first on Help Net Security.
http://news.poseidon-us.com/TPFQsk

Google Sues to Disrupt Chinese SMS Phishing Triad

Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lures, and convert phished payment card data into mobile wallets from Apple and Google.
http://news.poseidon-us.com/TPFNvH

Rhadamanthys infostealer operation disrupted by law enforcement

The rumors were true: Operation Endgame, a joint effort between law enforcement and judicial authorities of several European countries, Australia, Canada, the UK and the US, has disrupted the infrastructure supporting the operation of the Rhadamanthys infostealer. “Between 10 and 14 November 2025, the latest phase of Operation Endgame was coordinated from Europol’s headquarters in The Hague. The actions targeted one of the biggest infostealers (Rhadamanthys), the Remote Access Trojan VenomRAT, and the botnet Elysium, … More → The post Rhadamanthys infostealer operation disrupted by law enforcement appeared first on Help Net Security.
http://news.poseidon-us.com/TPFGT5

Nokod Security launches Adaptive Agent Security to protect AI agents across the entire ADLC

Nokod Security announced the launch of Adaptive Agent Security, a solution that delivers real-time visibility, governance, and protection from threats across the Agent Development Lifecycle (ADLC). Citizen developers and business users are building and deploying AI agents that connect to live systems, data and APIs, often beyond the reach of security controls. Nokod’s new solution provides adaptive, continuous protection that keeps every agent’s behavior in check, ensuring innovation can scale safely and securely. Coverage for … More → The post Nokod Security launches Adaptive Agent Security to protect AI agents across the entire ADLC appeared first on Help Net Security.
http://news.poseidon-us.com/TPF56L

Formbook Delivered Through Multiple Scripts, (Thu, Nov 13th)

When I&#x27m teachning FOR610[1], I always say to my students that reverse engineering does not only apply to “executable files” (read: PE or ELF files). Most of the time, the infection path involves many stages to defeat the Security Analyst or security controls. Here is an example that I found yesterday. An email was received via an attached ZIP archive. It contained a simple file: “Payment_confirmation_copy_30K__202512110937495663904650431.vbs” (SHA256:d9bd350b04cd2540bbcbf9da1f3321f8c6bba1d8fe31de63d5afaf18a735744f) identified by 17/65 antiviruses on VT[2]. Let&#x27s have a look at the infection path.
http://news.poseidon-us.com/TPF2nd

Healthcare security is broken because its systems can’t talk to each other

In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With hospitals, clinics, telehealth, and cloud partners all in the mix, maintaining visibility remains a complex task. Kracke shares how interoperability, collaboration, and strategic investment can strengthen resilience across the healthcare security landscape. When you look at the modern healthcare ecosystem with hospitals, clinics, telehealth, medical devices, and cloud partners, what is the … More → The post Healthcare security is broken because its systems can’t talk to each other appeared first on Help Net Security.
http://news.poseidon-us.com/TPF09F

Wanna bet? Scammers are playing the odds better than you are

Placing a bet has never been this easy, and that’s the problem. The convenience of online gambling is the same thing scammers are cashing in on. Whether it’s a fake app, a “can’t-miss” tipster, or a rigged casino, the game is stacked against you. By 2030, the online gambling market is projected to reach around $169 billion. 22 percent of Americans, including 48 percent of men ages 18 to 49, have an account with at … More → The post Wanna bet? Scammers are playing the odds better than you are appeared first on Help Net Security.
http://news.poseidon-us.com/TPF08m