433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Secure endpoint management systems immediately, CISA urges

The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber activity tied to Middle East conflicts may be spilling into their operations. Attackers breached Stryker’s internal Microsoft environment and reportedly wiped 200,000 systems, servers, and mobile devices, while extracting 50 terabytes of data. To defend against similar malicious activity involving the misuse of legitimate endpoint management software, CISA urges organizations … More → The post Secure endpoint management systems immediately, CISA urges appeared first on Help Net Security.
http://news.poseidon-us.com/TRZqgk

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday. About CVE-2026-20963 CVE-2026-20963 affects Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, and Microsoft SharePoint Enterprise Server 2016. It is caused by deserialization of untrusted data and may allow an unauthorized … More → The post CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) appeared first on Help Net Security.
http://news.poseidon-us.com/TRZqf5

Google limits Android accessibility API to curb malware abuse

Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, limit access to the accessibility API when Advanced Protection Mode (APM) is enabled. Apps that do not serve a core accessibility function can no longer use these services, closing off a common attack vector. Accessibility API abuse remains a key threat vector The accessibility API allows apps to read … More → The post Google limits Android accessibility API to curb malware abuse appeared first on Help Net Security.
http://news.poseidon-us.com/TRZlfr

900,000 contact records exposed in Aura data breach

Aura, the online safety service, confirmed that an unauthorized party accessed about 900,000 records, mostly names and email addresses from a marketing tool linked to a company it acquired in 2021. The incident occurred as a result of a targeted phone phishing attack that tricked one of the employees. Aura believes that contact information related to less than 20,000 active customers and less than 15,000 former customers was accessed. According to Have I Been Pwned, … More → The post 900,000 contact records exposed in Aura data breach appeared first on Help Net Security.
http://news.poseidon-us.com/TRZlfq

EDR killers are now standard equipment in ransomware attacks

Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in the wild. The workflow is consistent across groups: an attacker gains high privileges, deploys an EDR killer to disrupt security software, then runs the encryptor. Affiliates prefer this approach because it gives them a brief, … More → The post EDR killers are now standard equipment in ransomware attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TRZlfH

Arcjet enables inline defense against prompt injection in production AI systems

Arcjet has released AI Prompt Injection Protection, a new capability designed to stop prompt injection attacks before they reach production AI models. The feature detects hostile prompts at the application boundary and gives developers a decision point inside the request lifecycle where malicious instructions can be blocked before inference occurs. Companies are shipping AI features into production faster than security review cycles can keep up. As those systems gain access to data, tools, and expensive … More → The post Arcjet enables inline defense against prompt injection in production AI systems appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbhD

Keysight SBOM Manager simplifies global cybersecurity compliance and software transparency

Keysight Technologies has launched Keysight SBOM Manager, a new solution designed to help organizations meet growing global cybersecurity and software transparency requirements, led by the European Union’s Cyber Resilience Act (CRA). The solution provides a unified approach to generating, managing, and using Software Bill of Materials (SBOMs) for digital products, enabling organizations to meet regulatory obligations with greater accuracy, confidence, and consistency across the product lifecycle. Cybersecurity regulations worldwide are converging on a common expectation: … More → The post Keysight SBOM Manager simplifies global cybersecurity compliance and software transparency appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbg6

Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults

Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive AD attributes, and introduces configuration options to counter two related Kerberos impersonation techniques. A CVE drives the encryption default change The most directly security-relevant change in 4.24.0 is a shift in default encryption types for Kerberos. The kdc default domain supported enctypes parameter now defaults to AES-128 and AES-256 (specifically … More → The post Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbf4

Java 26 ships with new cryptography API and HTTP/3 support

Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding API targets cryptographic integration JEP 524 introduces a second preview of a PEM encoding API for cryptographic objects. The API converts keys, certificates, and certificate revocation lists into Privacy-Enhanced Mail format and decodes them back … More → The post Java 26 ships with new cryptography API and HTTP/3 support appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbdx