433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Identity risk is changing faster than most security teams expect

Security leaders are starting to see a shift in digital identity risk. Fraud activity is becoming coordinated, automated, and self-improving. Synthetic personas, credential replay, and high speed onboarding attempts now operate through shared infrastructures that behave less like scattered threats and more like systems that learn as they run, according to a report by AU10TIX. This trend is shaping how fraud teams, risk executives, and identity product owners will need to prepare for 2026. How … More → The post Identity risk is changing faster than most security teams expect appeared first on Help Net Security.
http://news.poseidon-us.com/TPvSM1

New infosec products of the week: December 19, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Apiiro, Astra Security, Push Security, Trellix, and XM Cyber. Apiiro unveils AI SAST built on deep code analysis to eliminate false positives Apiiro introduced Apiiro AI SAST, a new approach to static application security testing (SAST) that automates code risk detection, validation and fixes with the precision and cognitive process of an expert application security engineer. Grounded in Apiiro’s patented … More → The post New infosec products of the week: December 19, 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TPvSKY

Crypto theft in 2025: North Korean hackers continue to dominate

When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto theft in 2025 revealed. “North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% year-over-year increase, pushing their all-time total to $6.75 billion despite fewer attacks,” the company says. How are they achieveing this? For years, a big part of their playbook involved placing … More → The post Crypto theft in 2025: North Korean hackers continue to dominate appeared first on Help Net Security.
http://news.poseidon-us.com/TPtxVq

Apiiro unveils AI SAST built on deep code analysis to eliminate false positives

Apiiro introduced Apiiro AI SAST, a new approach to static application security testing (SAST) that automates code risk detection, validation and fixes with the precision and cognitive process of an expert application security engineer. Grounded in Apiiro’s patented Deep Code Analysis (DCA), Apiiro AI-SAST combines call flow, data flow and reachability analysis with AI reasoning to eliminate false positives, validate exploitable risks, and fix true business risks. AI coding assistants have increased code delivery by … More → The post Apiiro unveils AI SAST built on deep code analysis to eliminate false positives appeared first on Help Net Security.
http://news.poseidon-us.com/TPtqvf

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted highly targeted phishing campaigns that masquerade as professional services firms to mislead finance teams into transferring money to fraudsters’ accounts. However, unlike conventional BEC actors, Scripted Sparrow uses a structured, consistent, and disciplined approach. Each campaign shows how they have conducted research, used consistent language with … More → The post Clipping Scripted Sparrow’s wings: Tracking a global phishing ring appeared first on Help Net Security.
http://news.poseidon-us.com/TPtqvT

AppGate extends zero trust to secure AI workloads with Agentic AI Core Protection

AppGate announced the launch of Agentic AI Core Protection, a new capability within AppGate ZTNA designed to secure AI workloads deployed in enterprise core environments across on-prem and cloud venues. This innovation enables organizations to embrace AI-driven transformation while maintaining robust security and compliance. As enterprises accelerate AI adoption, agents are increasingly deployed in servers, VMs, and Kubernetes cluster, typically as part of a corporate policy for security and compliance. These deployments often expose APIs … More → The post AppGate extends zero trust to secure AI workloads with Agentic AI Core Protection appeared first on Help Net Security.
http://news.poseidon-us.com/TPtqsX

Microsoft 365 users targeted in device code phishing attacks

Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting users with device codes that, when entered, inadvertently grant attackers control of enterprise accounts. This trend reflects a broader shift away from basic password theft toward abusing modern authentication flows to bypass multi-factor authentication protection. The campaigns and the tools used … More → The post Microsoft 365 users targeted in device code phishing attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TPtmXr