433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)

Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the question of how attackers came to exploit it before Cisco had disclosed it publicly. The vulnerability (CVE-2026-20262) Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) is the management plane for the entire Cisco SD-WAN fabric. CVE-2026-20262 is … More → The post Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbZ

Crypto scammers are sending couriers to victims’ homes to collect cash

Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment personas, luring them into cryptocurrency schemes that use fraudulent trading platforms and fabricated returns to encourage additional deposits. When financial institutions block suspicious transfers, scammers tell victims that cash pickups are required to continue investing or to pay purported fees … More → The post Crypto scammers are sending couriers to victims’ homes to collect cash appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbV

Software supply chains are heading for a transparency test

Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling, automation, and changes to software development practices. Level of SBOM adoption based on organisation size (Source: ENISA) SBOMs move from best practice to requirement The CRA requires manufacturers to create, maintain, and, where necessary, provide … More → The post Software supply chains are heading for a transparency test appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbS

Planning a trip? Fake travel sites are multiplying this summer

Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its attack volume since May 2023,” researchers noted, reporting a cumulative increase of 122% over three years. According to the report, 47,318 travel-related domains were registered in May 2026, a 33% increase from the previous month. One … More → The post Planning a trip? Fake travel sites are multiplying this summer appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sZ7

GitHub releases an open dataset for multilingual developer content

Developers coordinate code across README files, issue threads, and pull request discussions. Much of that exchange happens in English, and a large share happens in other languages. GitHub has released a dataset built to help researchers and developers locate public repositories that carry non-English natural-language content. The GitHub Multilingual Repositories Dataset is available on GitHub under the CC0-1.0 license. The release follows a commitment GitHub made in 2025 as part of Microsoft’s European Digital Commitments … More → The post GitHub releases an open dataset for multilingual developer content appeared first on Help Net Security.
http://news.poseidon-us.com/TT3k6Q

From a VHDX File to a Remcos RAT, (Tue, Jun 16th)

Yesterday, a reader reported to us a malicious ZIP archive (SHA256: a0104921a2d37ab87482ac9a9f5c3713479c118846c3e999178e75b81620c094[1]). Once unzipped, it contains a VHDX file that discloses a malicious JavaScript after being mounted (which is automatic on modern Windows OSs):
http://news.poseidon-us.com/TT3jQb

Reachability makes AI threat modeling worth the trust

In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks the path to impact on a working build. He shows how a chain of small design choices led to account takeover in a popular open-source project, then covers how to test a vendor’s claims, … More → The post Reachability makes AI threat modeling worth the trust appeared first on Help Net Security.
http://news.poseidon-us.com/TT3gjY

EU Cybersecurity Act 2.0: When good regulation goes bad

Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy are not the same thing, and the proposed EU Cybersecurity Act 2.0 is starting to look a lot more like the former than the latter. The problem with CSA 2.0 The original EU Cybersecurity Act, which … More → The post EU Cybersecurity Act 2.0: When good regulation goes bad appeared first on Help Net Security.
http://news.poseidon-us.com/TT3ghW

The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy

In the latest episode of Identity Insider, I sat down with Chris Hughes, a cybersecurity expert who’s involved in OWASP’s work on non-human and machine identity security. Unsurprisingly, our discussion centered on the rapidly changing cybersecurity landscape, driven by the rise of artificial intelligence (AI), particularly agentic AI, which is giving systems unprecedented autonomy within the enterprise. You can watch our full discussion here: The conversation reinforced something I’ve been thinking about for a while: … More → The post The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy appeared first on Help Net Security.
http://news.poseidon-us.com/TT3d6S