Author Archives: Poseidon

China-linked spies backdoored authentication stack to stay hidden for years

A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia. The group’s defining characteristic is the ability to maintain stealthy years-long persistence in target environments. In this particular case, booting them out also took considerable effort, as they managed to gain control of the full authentication stack by … More → The post China-linked spies backdoored authentication stack to stay hidden for years appeared first on Help Net Security.
http://news.poseidon-us.com/TT3Fq6

Delinea and Cyera integrate for data-aware identity security

Delinea and Cyera announced a product integration that connects privileged access to sensitive data exposure, automatically correlating identities with the data they can access. Together, Delinea and Cyera help security teams identify, prioritize, and remediate the highest-risk access paths across every human, machine, and AI agent. As identities multiply and AI agents interact with data at machine speed, security teams struggle to govern which privileged identities can reach critical data, and act on that risk … More → The post Delinea and Cyera integrate for data-aware identity security appeared first on Help Net Security.
http://news.poseidon-us.com/TT3Fp8

Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ Security Impact Rating: Medium CVE: CVE-2026-20262
http://news.poseidon-us.com/TT3D1M

1Password Credential Broker reduces secret sprawl through identity-based credential delivery

1Password has announced 1Password Credential Broker, a new product that securely brokers credentials, tokens, and federated access from 1Password to trusted requesters. The 1Password Credential Broker is available in private beta today, with support for GitHub Actions and a roadmap that extends trusted access across humans, machine workloads, and AI agents through a common identity fabric. For two decades, 1Password has helped consumers and businesses protect the credentials they use to access critical systems. But … More → The post 1Password Credential Broker reduces secret sprawl through identity-based credential delivery appeared first on Help Net Security.
http://news.poseidon-us.com/TT38C2

Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption

Trust3 AI has announced AgentDOS, an enterprise control plane that provides visibility into AI agents, including real-time token consumption monitoring across platforms such as Databricks Agent Bricks and Microsoft Copilot Studio. As enterprises rapidly scale AI adoption, a new class of risk is emerging: autonomous agents acting beyond their intended scope, accessing regulated data, and silently driving up token consumption. Regulatory frameworks such as the EU AI Act and standards like the NIST AI Risk … More → The post Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption appeared first on Help Net Security.
http://news.poseidon-us.com/TT38Bz

Omada Agent Governance helps organizations manage AI agent access, risk, and compliance

Omada has announced Omada Agent Governance, a new solution designed to help organizations bring the same governance discipline to AI agents and non-human identities that they already apply to people. AI agents are rapidly becoming a new class of digital actor inside enterprises. They connect to systems, access data, execute tasks and make decisions with increasing autonomy. Yet most organizations have limited visibility into how many AI agents exist in their environment, who is accountable … More → The post Omada Agent Governance helps organizations manage AI agent access, risk, and compliance appeared first on Help Net Security.
http://news.poseidon-us.com/TT38BQ

Ukrainian national pleads guilty in connection with Conti ransomware

A Ukrainian national pleaded guilty to conspiracy to commit wire fraud in connection with the deployment of Conti ransomware, which targeted more than 1,000 victims worldwide. According to the U.S. Department of Justice, 44-year-old Oleksii Oleksiyovych Lytvynenko joined the Conti conspiracy in or around September 2021 and possessed data stolen from eight U.S. victims and four overseas victims. “Lytvynenko further admitted to joining a team run by a Conti conspirator during which time Lytvynenko was … More → The post Ukrainian national pleads guilty in connection with Conti ransomware appeared first on Help Net Security.
http://news.poseidon-us.com/TT32gQ

Red Sift, GMO GlobalSign partnership simplifies email authentication and BIMI adoption

Red Sift has announced a partnership with GMO GlobalSign to provide organizations with a direct path from email authentication to verified brand visibility in the inbox. Red Sift OnDMARC is now available through GMO GlobalSign, enabling secure outbound email protection and the activation of Brand Indicators for Message Identification (BIMI) through a GMO GlobalSign Verified Mark Certificate (VMC) or Common Mark Certificate (CMC), all through a single trusted provider. Until now, organizations buying a VMC … More → The post Red Sift, GMO GlobalSign partnership simplifies email authentication and BIMI adoption appeared first on Help Net Security.
http://news.poseidon-us.com/TT32gN

AI vulnerability discovery is pushing 2026 CVEs toward 66,000

Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original projection, and the Forum of Incident Response and Security Teams (FIRST) now expects the year to land near 66,000 CVEs. The cause sits mostly with one development: AI tools have started hunting for software flaws on their own, and they are good at it. “The … More → The post AI vulnerability discovery is pushing 2026 CVEs toward 66,000 appeared first on Help Net Security.
http://news.poseidon-us.com/TT32fb