433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Klue breach lead to Salesforce data theft, Huntress affected

Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools. Huntress published a detailed account of the incident on June 18, framing it as a “security domino effect” that began with one compromised integration credential and cascaded into theft of customer data across several connected platforms, including Salesforce. Attack timeline According to Huntress’s writeup, the attackers … More → The post Klue breach lead to Salesforce data theft, Huntress affected appeared first on Help Net Security.
http://news.poseidon-us.com/TT6pvK

Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware

A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and gambling tools appear trustworthy, Check Point researchers found. According to the researchers, the attackers packaged the malware as tools designed to help users make money. The offerings included cryptocurrency sniper bots and gambling “predictors” that claimed to identify winning opportunities before other traders or forecast the outcome of online betting games. Instead of quick … More → The post Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware appeared first on Help Net Security.
http://news.poseidon-us.com/TT6ptP

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)

CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal civilian agencies to apply mitigations by June 21, 2026. In-the-wild exploitation has also been confirmed by the vendor and Resecurity, who said that its potential for full system compromise should push organizations to prioritize patching and review systems for indicators of compromise such as: Requests containing path traversal sequences (../) PostgreSQL connection parameters … More → The post Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) appeared first on Help Net Security.
http://news.poseidon-us.com/TT6lsW

Forget traffic lights, Google’s reCAPTCHA may ask for hand gestures

Google has introduced hand gesture verification for reCAPTCHA, a new method for verifying that a user is human. Google’s reCAPTCHA is part of Google Cloud Fraud Defense, a fraud and abuse prevention platform for bot, account, and transaction protection. It uses risk analysis and challenge-based verification to help organizations identify automated activity and suspicious behavior. The service is commonly deployed on login pages, registration forms, password reset pages, and checkout systems, where it can allow … More → The post Forget traffic lights, Google’s reCAPTCHA may ask for hand gestures appeared first on Help Net Security.
http://news.poseidon-us.com/TT6lrt

Mastodon 4.6 adds profile Collections and two-factor controls

People who run accounts on the open source social network Mastodon can now group profiles together and share those groups across the web. The 4.6 release centers on a feature called Collections, along with reworked profiles, email newsletters, server administration controls, and a set of accessibility changes. Server controls The release gives server administrators a control to require two-factor authentication on member accounts. Jerry, the administrator of infosec.exchange, plans to turn the requirement on and … More → The post Mastodon 4.6 adds profile Collections and two-factor controls appeared first on Help Net Security.
http://news.poseidon-us.com/TT6hzQ

Google sets timeline for Android developer verification enforcement

Android’s developer verification protections will take effect on September 30, 2026, starting with users in Brazil, Indonesia, Singapore, and Thailand. Developers distributing apps through participating stores in those markets must complete the verification process by the deadline. Google Play, HONOR App Market, OPPO App Market, Galaxy Store, Palm Store, V-Appstore, and GetApps will begin verifying app installations, with expansion to certified Android devices globally planned for 2027. Google introduced Android developer verification last year and … More → The post Google sets timeline for Android developer verification enforcement appeared first on Help Net Security.
http://news.poseidon-us.com/TT6fnm

Accenture to buy Dragos, runZero, and NetRise in $4.2 billion cybersecurity deal

Accenture is expanding its position with the acquisition of a majority stake in Dragos and all of runZero and NetRise to deliver end-to-end operational technology (OT) security for the critical infrastructure and industrial operations underpinning power grids, pipelines, manufacturing, distribution facilities and data centers. The Dragos Platform will expand to cover the extended environment that controls physical processes, while Accenture’s deep OT security expertise, unique industrial datasets and decades of trusted relationships with critical infrastructure … More → The post Accenture to buy Dragos, runZero, and NetRise in $4.2 billion cybersecurity deal appeared first on Help Net Security.
http://news.poseidon-us.com/TT6fmv

BlackFog brings shadow AI visibility to macOS endpoints with ADX Vision

BlackFog has announced the general availability of ADX Vision for macOS, extending its shadow AI detection, governance, and prevention platform to Apple endpoints. With this release, enterprises can now apply a single, consistent AI data-loss policy across Windows and macOS devices to stop sensitive data from leaving the organization through unsanctioned LLMs. The release addresses one of the most significant blind spots in enterprise AI governance. BlackFog’s research shows that most employees now use AI … More → The post BlackFog brings shadow AI visibility to macOS endpoints with ADX Vision appeared first on Help Net Security.
http://news.poseidon-us.com/TT6c04