Author Archives: Poseidon

Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards

US prosecutors have charged a Maryland man in connection with two hacks of the Uranium Finance cryptocurrency exchange that led to losses exceeding $50 million. Jonathan Spalletta, also known as “Cthulhon” and “Jspalletta,” is accused of abusing vulnerabilities in Uranium Finance smart contracts to siphon assets from the platform. If convicted, he could face up to 10 years in prison for computer fraud and 20 years for money laundering. “As alleged, Jonathan Spalletta repeatedly hacked … More → The post Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards appeared first on Help Net Security.
http://news.poseidon-us.com/TRp6DM

New Bitdefender assessment helps organizations identify and eliminate hidden internal attack paths

Bitdefender has announced the Bitdefender Internal Attack Surface Assessment, a complimentary evaluation that helps organizations identify and reduce hidden internal cyber risks caused by unnecessary user access to applications, tools, and operating system utilities commonly exploited in attacks. The assessment provides organizations with a data-driven view of their internal attack surface and offers actionable guidance to help prioritize and remediate exposure. Businesses face growing challenges defending against Living-Off-the-Land (LOTL), fileless, and other non-malware attack techniques, … More → The post New Bitdefender assessment helps organizations identify and eliminate hidden internal attack paths appeared first on Help Net Security.
http://news.poseidon-us.com/TRp6DF

Download: 2026 SANS Identity Threats & Defenses Survey

New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% reported MFA fatigue as a factor in identity attacks. Download the report to learn: Why identity compromises remain common How attackers abuse authentication systems using valid credentials Where organizations struggle to detect and contain identity threats Download the full report to see how identity attacks are evolving. The post Download: 2026 SANS Identity Threats & Defenses Survey appeared first on Help Net Security.
http://news.poseidon-us.com/TRp6C6

Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost

Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a handful of bug fixes, and small improvements to Settings and disk utilities. A rebuilt console The bulk of this build centers on the Windows Console, which is part of the open-source Windows Terminal project on GitHub. Microsoft is pulling accumulated contributions from that … More → The post Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost appeared first on Help Net Security.
http://news.poseidon-us.com/TRnwV9

Apple counters ClickFix attacks with macOS Terminal warning

Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run malicious commands themselves. According to ESET, ClickFix activity jumped by more than 500% in the first half of 2025, making it the second-most common attack vector after phishing. The ClickFix tactic takes its name from … More → The post Apple counters ClickFix attacks with macOS Terminal warning appeared first on Help Net Security.
http://news.poseidon-us.com/TRnwV5

Axios npm packages backdoored in supply chain attack

An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote access trojans. How the attack unfolded On March 30, 2026, with an account using a separate throwaway ProtonMail address, the attacker published on NPM a trojanized copy of the popular crypto-js JavaScript library of crypto standards. … More → The post Axios npm packages backdoored in supply chain attack appeared first on Help Net Security.
http://news.poseidon-us.com/TRnwTx

Android developers just got a new verification layer

To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company is also introducing app registration, which links apps to verified developer identities. Developers can still choose where to distribute their apps (Source: Google) Developers can begin completing verification now through the Android Developer Console and Play Console, ahead of user-facing changes scheduled for later this year. Developers who distribute apps … More → The post Android developers just got a new verification layer appeared first on Help Net Security.
http://news.poseidon-us.com/TRnwTX

Teams pushed to do more with less as AI increases workloads

Sacrificing engagement for performance might backfire, according to research from employee experience platform Culture Amp.
http://news.poseidon-us.com/TRnpj3

Intel puts its data center performance knowledge on GitHub

Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration recommendations, and optimization recipes that previously required hunting across forums and scattered documentation. The repository, called Optimization Zone, is open-source and publicly accessible at GitHub. It covers software, workloads, performance analysis tools, and hardware configurations for Intel architectures. Built from customer feedback Intel engineers say the content grew from recurring questions and problems … More → The post Intel puts its data center performance knowledge on GitHub appeared first on Help Net Security.
http://news.poseidon-us.com/TRnmpq

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step

The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a migration step before upgrade. A new scan protocol The release introduces a /checkv3 endpoint that replaces HTTP headers with structured JSON or msgpack for metadata transport. The new endpoint uses multipart/form-data for requests and multipart/mixed for responses, supports per-part zstd … More → The post Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step appeared first on Help Net Security.
http://news.poseidon-us.com/TRnmpm