433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Fake Zoom meeting leads to silent install of surveillance software

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12 days. The trick Potential victims likely visit the page (at uswebzoomus[.]com/zoom/) after getting a meeting invite/link via email or text. The page is made to look like a Zoom waiting room and, once a visitor interacts … More → The post Fake Zoom meeting leads to silent install of surveillance software appeared first on Help Net Security.
http://news.poseidon-us.com/TR8yKF

Contractors: Bye, shutdowns. Hello, new-era NASA and FIFA World Cup.

The World Cup “is the equivalent of 78 Super Bowls in 40 days. This is really a great role for contractors to show the value that they bring,” Jim Carroll said.
http://news.poseidon-us.com/TR8xwg

Netskope NewEdge AI Fast Path reduces latency for enterprise AI workloads

Netskope has announced NewEdge AI Fast Path, a set of capabilities designed to optimize network paths to critical AI destinations, including applications hosted in public, private, or neo-cloud environments. The offering reduces latency and costs, improves performance and resilience, and delivers a secure experience for teams using AI applications or enterprises adopting agentic AI. Eliminating the “security vs. speed” dilemma The gap between AI expectations and reality is widening, and a recent survey revealed that … More → The post Netskope NewEdge AI Fast Path reduces latency for enterprise AI workloads appeared first on Help Net Security.
http://news.poseidon-us.com/TR8rmJ

SentinelOne addresses identity risk across endpoints, browsers, and AI workflows

SentinelOne has unveiled its Singularity Identity portfolio designed to secure the growing population of non-human identities, including AI agents, service accounts, APIs, and workloads. Identity attacks have long been a go-to tactic for nation-state actors and cybercriminals. Most defenses focus on stopping them at authentication and permissions. Attackers continue adapting their tactics to bypass those controls. When a threat actor logs in as a legitimate user and uses approved tools to move laterally or exfiltrate … More → The post SentinelOne addresses identity risk across endpoints, browsers, and AI workflows appeared first on Help Net Security.
http://news.poseidon-us.com/TR8rm3

Veza expands platform with AI Access Agents for enterprise identity governance

Veza expanded its platform with Veza Access Agents, a set of purpose-built AI agents designed to automate complex identity and access governance tasks for enterprises. Veza also announced advancements to its AI Agent Security product, providing organizations with deeper visibility into agent risks and greater control over third-party AI agents, large language models (LLMs), AI apps, and AI infrastructure (MCP). As enterprises adopt agentic AI to drive business efficiency, the volume and complexity of identity-based … More → The post Veza expands platform with AI Access Agents for enterprise identity governance appeared first on Help Net Security.
http://news.poseidon-us.com/TR8rlv

CloudCasa expands Red Hat OpenShift data protection across edge and hybrid cloud

CloudCasa has announced enhancements to its backup and recovery platform designed to support Red Hat OpenShift environments across core, edge, and hybrid cloud deployments. The latest CloudCasa updates introduce SMB protocol support as a backup storage target, enabling organizations to leverage existing SMB-based storage, including deployments using an SMB operator on Red Hat OpenShift clusters, for Kubernetes and Red Hat OpenShift data protection. This added flexibility helps customers align backup architectures with existing enterprise storage … More → The post CloudCasa expands Red Hat OpenShift data protection across edge and hybrid cloud appeared first on Help Net Security.
http://news.poseidon-us.com/TR8rkZ

Cisco Catalyst SD-WAN Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite arbitrary files. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v Security Impact Rating: Critical CVE: CVE-2026-20122,CVE-2026-20126,CVE-2026-20128,CVE-2026-20129,CVE-2026-20133
http://news.poseidon-us.com/TR8rTF

Cisco FXOS and UCS Manager Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.  This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsciv-wGYtC78q This advisory is part of the February 2026 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2026 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2026-20099
http://news.poseidon-us.com/TR8rSK

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk Security Impact Rating: Critical CVE: CVE-2026-20127
http://news.poseidon-us.com/TR8rSJ