433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Software supply chain hacks trigger wave of intrusions, data theft

After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply chain attacks (linked to TeamPCP). “This could enable further software supply chain attacks, software as a service (SaaS) environment compromises (leading to downstream customer compromises), ransomware and extortion events, and cryptocurrency theft over the near term,” …
The post Software supply chain hacks trigger wave of intrusions, data theft appeared first on Help Net Security.
http://news.poseidon-us.com/TRrJJw

New Red Hat subscription simplifies long-term enterprise Linux support

Red Hat has announced Red Hat Enterprise Linux Extended Life Cycle Premium, a new subscription that provides a predictable 14-year life cycle for major Red Hat Enterprise Linux releases. This stand-alone subscription consolidates extended support, simplifying the management of multiple support streams. It helps organizations maintain their most sensitive, change-averse workloads on a single, hardened foundation for more than a decade. As enterprises deploy full-scale production, the underlying infrastructure relies on consistency. Frequent minor release …
The post New Red Hat subscription simplifies long-term enterprise Linux support appeared first on Help Net Security.
http://news.poseidon-us.com/TRr661

DarkSword exploit forces Apple to loosen its patching policy

Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based on vulnerability severity. Allowing iOS 18 users to receive patches without upgrading to iOS 26, however, signals a shift in its long-standing security approach following the discovery of the DarkSword and Coruna exploit kits. When iOS 26 …
The post DarkSword exploit forces Apple to loosen its patching policy appeared first on Help Net Security.
http://news.poseidon-us.com/TRqwlx

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered.

[Figure: Malicious client update attack chain (Source: Check Point)]

Trusted update mechanism turned into attack vector

TrueConf is a videoconferencing platform designed to run on private local networks (LANs) without internet access, which makes it attractive to government departments, defense institutions, and critical infrastructure operators. Consequently, the solution is …
The post TrueConf zero-day vulnerability exploited to target government networks appeared first on Help Net Security.
http://news.poseidon-us.com/TRqpl5

Trust, friction, and ROI: A CISO’s take on making security work for the business

In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A processes, and how trust is built over time. O’Rourke also addresses how buyer sophistication has raised the bar for suppliers, why less-regulated industries lag behind their more-regulated counterparts, and which companies will benefit from foundational security investments. The interview covers …
The post Trust, friction, and ROI: A CISO’s take on making security work for the business appeared first on Help Net Security.
http://news.poseidon-us.com/TRqfk2

Tracking drones with the 5G tower down the street

Drone detection in cities is expensive. Dedicated radar installations are cost-prohibitive at scale, cameras have limited range and stop working well at night, and LiDAR systems have the same cost problem as radar. A group of researchers at the University of Science and Technology of China spent the past year working on a different approach: using 5G-Advanced base stations that are already in the ground to do the job instead. The 5G-A base station Active …
The post Tracking drones with the 5G tower down the street appeared first on Help Net Security.
http://news.poseidon-us.com/TRqfhq

Your customer passed authentication. So why are they sending money to a scammer?

In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as separate systems creates real risk. The core idea is continuous, contextual trust. Where traditional IAM grants access at a single point in time, fraud systems track behavior throughout an entire session, reading device signals, network context, and how a user …
The post Your customer passed authentication. So why are they sending money to a scammer? appeared first on Help Net Security.
http://news.poseidon-us.com/TRqddR