433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Hottest cybersecurity open-source tools of the month: January 2026

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. OpenAEV: Open-source adversarial exposure validation platform OpenAEV is an open source platform designed to plan, run, and review cyber adversary simulation campaigns used by security teams. The project focuses on organizing exercises that blend technical actions with operational and human response elements, all managed through a single system. StackRox: Open-source Kubernetes security platform Security teams spend a … More → The post Hottest cybersecurity open-source tools of the month: January 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TQd81V

A practical take on cyber resilience for CISOs

In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day to day protection. Baweja describes cyber resilience as an extension of information security and operational resilience, with a focus on recovery, trust, and continuity when serious incidents occur. The discussion covers three priority areas. The … More → The post A practical take on cyber resilience for CISOs appeared first on Help Net Security.
http://news.poseidon-us.com/TQd81L

ImmuniWeb reports double-digit growth and platform advances

ImmuniWeb has hit another all-time sales record in 2025, while successfully sustaining double-digit year-over-year (YoY) growth and remaining profitable. During 2025, the company announced 4 major updates to the ImmuniWeb AI Platform. All products for web, mobile, and API security testing were enhanced with AI-specific testing capabilities, covering the full scope from OWASP Top 10 to LLM vulnerabilities. ImmuniWeb has also been continually improving its Community Edition with numerous new features and novel functionalities, including … More → The post ImmuniWeb reports double-digit growth and platform advances appeared first on Help Net Security.
http://news.poseidon-us.com/TQd5pc

A fake romance turns into an Android spyware infection

ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app disguised as a chat service that routes conversations through WhatsApp. Behind the romance lure, the app’s primary function is to steal data from infected devices. ESET tracks the malware as GhostChat. GhostChat attack flow (Source: ESET) The same threat actor appears to be running a wider surveillance effort. This includes … More → The post A fake romance turns into an Android spyware infection appeared first on Help Net Security.
http://news.poseidon-us.com/TQd0jf

OPNsense 26.1 brings updates to open-source firewall management

OPNsense, the open-source firewall and network security platform, reached version 26.1, adding a range of updates affecting management, traffic visibility, automation interfaces, and core services. Changes in firewall management and APIs Version 26.1, code-named Witty Woodpecker, introduces revisions to the firewall user experience and its automation interfaces. The live firewall log function was updated to provide administrators with faster insight into real-time traffic decisions. A redesigned Firewall Rules interface restructures how rules are created and … More → The post OPNsense 26.1 brings updates to open-source firewall management appeared first on Help Net Security.
http://news.poseidon-us.com/TQcyDf

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns

State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain often involves concealing the malicious file within the ADS of a decoy file inside the archive. While the user typically views a decoy document (such as a PDF) within the archive, there are also malicious ADS … More → The post WinRAR vulnerability still a go-to tool for hackers, Mandiant warns appeared first on Help Net Security.
http://news.poseidon-us.com/TQccgV

Veracode’s platform enhancements help prevent software supply chain attacks

Veracode announced significant platform innovations introduced through the second half of 2025. Headlining the release is Package Firewall, a preventive control for software supply chains, advancing the company’s mission to help organizations run secure software from code to cloud. With supply chain-related third-party breaches doubling year over year— from 15 to 30 percent according to the Verizon 2025 Data Breach Investigations Report— the need to strengthen security across the software ecosystem has never been greater. … More → The post Veracode’s platform enhancements help prevent software supply chain attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TQccft