433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)

Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. “Attackers are abusing get_portal_info to extract the x-ns-company value before establishing a WebSocket channel,” Ryan Dewhurst, Head of Threat Intelligence at watchTowr, confirmed on Thursday. Rapid7 researchers published a technical analysis and proof-of-concept (PoC) exploit for CVE-2026-1731 on Tuesday, Feb. 10. Defused Cyber and GreyNoise have also detected widespread reconnaissance and limited exploitation activity. “So far … More → The post Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) appeared first on Help Net Security.
http://news.poseidon-us.com/TQxDwG

Proofpoint acquires Acuvity to secure AI and agent-driven workflows

Proofpoint has acquired Acuvity, strengthening its platform with AI-native visibility, governance, and runtime protection for AI and agent-driven workflows. As generative AI reshapes how work gets done, organisations are deploying AI copilots, autonomous agents, and model-connected applications across every function, from software development and customer support to finance and legal. While these technologies unlock unprecedented productivity and innovation, they also introduce new classes of risk, including shadow AI, sensitive data exposure, intellectual property loss, regulatory … More → The post Proofpoint acquires Acuvity to secure AI and agent-driven workflows appeared first on Help Net Security.
http://news.poseidon-us.com/TQxDtz

Brutus: Open-source credential testing tool for offensive security

Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and native support for the JSON-based reconnaissance pipelines that define offensive security. Solving a real workflow problem Credential testing should be straightforward: you have a list of services and a set of credentials, and you need … More → The post Brutus: Open-source credential testing tool for offensive security appeared first on Help Net Security.
http://news.poseidon-us.com/TQx7gx

Police arrests distributor of JokerOTP password-stealing bot

The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have distributed a tool known as JokerOTP, a bot used to intercept one-time passwords (OTPs) used to secure online accounts and financial transactions. Police suspect the Dordrecht resident of selling the bot through a Telegram account and of holding license keys associated with it. This marks the third arrest in … More → The post Police arrests distributor of JokerOTP password-stealing bot appeared first on Help Net Security.
http://news.poseidon-us.com/TQx7gp

OpenAI released GPT-5.3-Codex-Spark, a real-time coding model

OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions of the Codex app, the command-line interface, and the VS Code extension. The model delivers over 1,000 tokens per second when served on ultra-low-latency hardware while remaining capable of handling real-world coding tasks. “We’re sharing Codex-Spark on Cerebras as a research preview to ChatGPT Pro users so that … More → The post OpenAI released GPT-5.3-Codex-Spark, a real-time coding model appeared first on Help Net Security.
http://news.poseidon-us.com/TQx7dH

Why secure OT protocols still struggle to catch on

Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many environments, malicious actors with access to the OT network can impersonate devices, issue unauthenticated commands, or modify messages in transit without detection. A new guidance document from the Cybersecurity and Infrastructure Security Agency (CISA) explains why secure versions of common industrial protocols remain underused, even though they have existed since … More → The post Why secure OT protocols still struggle to catch on appeared first on Help Net Security.
http://news.poseidon-us.com/TQx5nD

Arctic Wolf expands MSP Security with Aurora Managed Endpoint Defense

Arctic Wolf has announced new endpoint security capabilities for its Managed Service Provider (MSP) partners. The addition of Aurora Managed Endpoint Defense, powered by the Arctic Wolf Aurora Platform, enables partners to deliver stronger customer protection, streamline service delivery, and expand their managed security offerings. As MSPs look to expand their customer base, the demands of delivering always-on protection can erode both margins and efficiency. At the same time, organizations of all sizes continue to … More → The post Arctic Wolf expands MSP Security with Aurora Managed Endpoint Defense appeared first on Help Net Security.
http://news.poseidon-us.com/TQx19v

Ubuntu 24.04.4 LTS arrives with cumulative security and bug fixes

Security teams running Ubuntu in production often delay major OS upgrades until the next point release arrives with accumulated patches and newer hardware support. Ubuntu 24.04.4 LTS is now available as refreshed installation media for Noble Numbat, bundling the latest updates and offering a current hardware enablement stack for new deployments. Support and update focus Ubuntu 24.04 LTS will receive maintenance updates and security patches for five years from its initial release, with Extended Security … More → The post Ubuntu 24.04.4 LTS arrives with cumulative security and bug fixes appeared first on Help Net Security.
http://news.poseidon-us.com/TQx19n

Edge computing’s biggest lie: “We’ll patch it later”

Edge computing is spreading fast, from factory floors to remote infrastructure. But many of these systems are hard to maintain once they are deployed. Devices may run old kernels, custom board support packages, or stacks that no one can rebuild years later. Updates can fail due to weak connectivity or power loss, and a mistake can brick thousands of systems at once. Add AI workloads that cannot tolerate downtime, and patching becomes even harder. In … More → The post Edge computing’s biggest lie: “We’ll patch it later” appeared first on Help Net Security.
http://news.poseidon-us.com/TQx18s

Cyber risk is becoming a hold-period problem for private equity firms

Private equity firms have spent years treating cybersecurity as an IT hygiene issue inside portfolio companies. That approach is getting harder to sustain as ransomware, data theft, and regulatory pressure interfere with value creation during the hold period. Has cybersecurity risk had any financial impact on your portfolio companies? (Source: Kroll) A recent Kroll survey of 325 private equity portfolio leaders found that 80% of firms experienced some form of disruption tied to cybersecurity risk … More → The post Cyber risk is becoming a hold-period problem for private equity firms appeared first on Help Net Security.
http://news.poseidon-us.com/TQwyBs