433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support

GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-source models, and supply chain visibility enhancements. Engineering organizations shipping more code than ever are confronting the AI Paradox firsthand, as the surrounding workflows for securing credentials, reviewing and merging changes, enforcing pipeline standards, and running AI in regulated environments have not kept pace. GitLab 19.0 advances the platform’s agentic core by embedding those capabilities where … More → The post GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJB2

Proton Pass adds monitored credential sharing for AI agents

Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to selected items and monitor activity. To gain access, an agent must provide a reason for the request so users can see what actions are being performed. Access tokens are available with Pass Plus (included in Proton Unlimited), Pass Family, Pass Professional, and Proton Workspace plans. “AI access tokens are easy to set … More → The post Proton Pass adds monitored credential sharing for AI agents appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJB0

Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR

Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon Data Breach Investigations Report (DBIR). The 2026 edition is the first to include voice and SMS phishing simulation data at this scale. The DBIR records this as “an increase of 40% in the median click rate” between phone-centric and email-based simulations (Verizon 2026 DBIR, p. 50). According to the report, phone-centric phishing … More → The post Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJ9w

CISA’s new KEV nomination form opens reporting to vendors and researchers

The Cybersecurity and Infrastructure Security Agency launched a new nomination form that lets researchers, vendors, and industry partners report known exploited vulnerabilities for possible inclusion in its KEV catalog. The form gives outside contributors a direct way to submit vulnerabilities to CISA. Email submissions remain available at vulnerability@cisa.dhs.gov for organizations and individuals who prefer that route. “Every day, CISA collaborates with security researchers and industry partners that identify and report exploited vulnerabilities. This new reporting … More → The post CISA’s new KEV nomination form opens reporting to vendors and researchers appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJ9h

Microsoft 365 users targeted by new phishing threat that bypasses MFA

Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 has been distributed through Telegram, allowing cybercriminals to obtain Microsoft 365 access tokens and bypass MFA without stealing user credentials. “Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities,” the FBI said. … More → The post Microsoft 365 users targeted by new phishing threat that bypasses MFA appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJ9T

Meet Fractal, an OS made for microarchitecture reverse engineering

Probing how a CPU isolates user code from kernel code is messy work. Researchers patch kernels, write drivers, or boot stripped-down bare-metal programs, and any of those choices change variables they were trying to hold still. Fractal, a new operating system from MIT CSAIL, was built to take that mess out of the loop, and its authors used it to surface previously undocumented behavior in the Apple M1 branch predictor. Joseph Ravichandran and Mengjia Yan … More → The post Meet Fractal, an OS made for microarchitecture reverse engineering appeared first on Help Net Security.
http://news.poseidon-us.com/TSgJ8T

Downtime has become a $600 billion business problem

The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime report, unplanned outages and service degradation cost each company an average of $300 million. Percentage of technology executives who consider a direct cost very or prohibitively disruptive (2024 versus 2026) (Source: Splunk) The consequences of an outage Delayed product launches, brand damage, and stock declines continue to affect … More → The post Downtime has become a $600 billion business problem appeared first on Help Net Security.
http://news.poseidon-us.com/TSgC4k

The new economics of fraud: Cheaper, faster, more convincing

Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s Spring 2026 Biannual Threats Report. Criminals redirect efforts toward trust and third parties Fraud involves behavioral manipulation, fragmented ecosystems, and faster attack cycles that use AI to pressure people into authorizing payments themselves. The payments ecosystem continues to strengthen core defenses. Token fraud declined 9.6% and enumeration losses fell 16% from July through … More → The post The new economics of fraud: Cheaper, faster, more convincing appeared first on Help Net Security.
http://news.poseidon-us.com/TSg35M

New infosec products of the week: May 22, 2026

Here’s a look at the most interesting products from the past week, featuring releases from ASAPP, Babel Street, CTERA, Forward, Riverbed, and Trust3 AI. Babel Street targets AI-driven threats with new agentic investigation capabilities Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work while ensuring analysts remain in control of scope, logic, and outcomes of their missions. As part of the Babel … More → The post New infosec products of the week: May 22, 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TSg1s9