433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Open-source privacy proxy masks PII before prompts reach external AI services

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local gateway that detects and masks personally identifiable information before requests leave the network. The tool sits between local applications and external AI APIs such as OpenAI and Anthropic. Inbound requests pass through a machine learning … More → The post Open-source privacy proxy masks PII before prompts reach external AI services appeared first on Help Net Security.
http://news.poseidon-us.com/TSLMJp

Shadow AI risks deepen as 31% of users get no employer training

Between one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI adoption and the controls organizations have in place to manage it. The Lenovo Work Reborn Research Series 2026 report documents a workforce split into two groups: employees equipped with IT-managed tools, training, and oversight, and those operating independently … More → The post Shadow AI risks deepen as 31% of users get no employer training appeared first on Help Net Security.
http://news.poseidon-us.com/TSLMJn

Identity is the control plane for distributed infrastructure

Teleport CEO Ev Kontsevoy makes the case that distributed infrastructure, across cloud, Kubernetes, databases, and servers, can’t be secured by layering more tools on top of fragmented identity systems. He argues for fewer credentials, fewer entry points, and a single identity layer that gives security and engineering teams unified visibility and control. The post Identity is the control plane for distributed infrastructure appeared first on Help Net Security.
http://news.poseidon-us.com/TSLMJc

New infosec products of the month: April 2026

Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security operations Mallory is launching an AI-native threat intelligence platform that monitors thousands of threat sources, contextualizes them against your actual attack surface, and puts that intelligence to work across hunting, detection, and exposure management use cases. One platform. … More → The post New infosec products of the month: April 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TSLLtf

cPanel zero-day exploited for months before patch release (CVE-2026-41940)

A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical details about the vulnerability – they have been spotted exploiting CVE-2026-41940 since February 23, and have likely been abusing it even earlier. About CVE-2026-41940 CPanel, typically provided by shared hosting companies, is one of the … More → The post cPanel zero-day exploited for months before patch release (CVE-2026-41940) appeared first on Help Net Security.
http://news.poseidon-us.com/TSLLtd

Cisco releases open-source toolkit for verifying AI model lineage

Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026 from Cisco places this level of access inside a growing pattern of AI-driven operations that connect directly to core business systems, and identifies AI supply chain exposure as a recurring risk. Cisco has published the … More → The post Cisco releases open-source toolkit for verifying AI model lineage appeared first on Help Net Security.
http://news.poseidon-us.com/TSLLtc

Met Police face criticism for using AI to spy on their own officers

London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported it had not been informed of plans to use Palantir’s AI to analyze officers’ movements. The Federation notified all colleagues and advised them to exercise “extreme caution when carrying Metropolitan Police-issued devices while off duty”. It believes the use … More → The post Met Police face criticism for using AI to spy on their own officers appeared first on Help Net Security.
http://news.poseidon-us.com/TSLLtb

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)

Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit is publicly available. About CVE-2026-31431 According to Theori researchers, CVE-2026-31431 originates from the interaction of three reasonable kernel changes made over several years: the addition of authencesn (an AEAD cryptographic wrapper used by IPsec) in 2011, … More → The post Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) appeared first on Help Net Security.
http://news.poseidon-us.com/TSLLtT