433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Trellix strengthens data security for the GenAI era

Trellix announced enhanced data security capabilities and a strategic framework designed to help organizations confidently adopt generative AI while protecting sensitive data from exposure and loss. “The rapid adoption of AI tools across the enterprise is creating new and often invisible data risks,” said Alex Au Yeung, CPO, Trellix. “Trellix brings together policy, visibility, and enforcement in a unified framework to help customers control how data is used across both sanctioned and shadow AI.” In … More → The post Trellix strengthens data security for the GenAI era appeared first on Help Net Security.
http://news.poseidon-us.com/TRxGz7

Social engineering attacks on open source developers are escalating

North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the access they gained to inject malware into npm packages downloaded 100+ million times a week. Now, a fresh Open Source Security Foundation (OpenSSF) advisory warns unknown attackers are using a similar approach to target other … More → The post Social engineering attacks on open source developers are escalating appeared first on Help Net Security.
http://news.poseidon-us.com/TRwwjh

Iranian cyber activity hits US energy, water, and government networks

U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors seeking to disrupt operations in the United States. Disruptions across critical sectors The advisory, issued by federal cybersecurity and law enforcement agencies, said the activity aligns with heightened geopolitical tensions involving Iran, the United States, and … More → The post Iranian cyber activity hits US energy, water, and government networks appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMy

Chaos malware expands from routers to Linux cloud servers

Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misconfigured Linux cloud servers, a category of infrastructure the botnet had not previously prioritized. Darktrace’s malware research team documented the compromise through its CloudyPots program, a global honeypot network the company runs to capture attacker behavior across a range of services and cloud platforms. One honeypot … More → The post Chaos malware expands from routers to Linux cloud servers appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMs

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as CVE-2026-34078. File system exposure Two additional fixes address file system exposure on the host. CVE-2026-34079 prevents arbitrary file deletion on the host filesystem. GHSA-2fxp-43j9-pwvc prevents arbitrary read-access to files in the system-helper context. The fourth fix, … More → The post Flatpak 1.16.4 fixes sandbox escape and three other security flaws appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMm

Secureframe expands Comply with User Access Reviews for automated governance

Secureframe has announced the launch of User Access Reviews, a new capability within Secureframe Comply. Access reviews are the primary mechanism organizations use to validate that the right people have the appropriate access, but the process has historically been manual, fragmented, and difficult to audit. Most teams still conduct access reviews using exported spreadsheets and email threads, creating accountability gaps and leaving security incidents waiting to happen. User Access Reviews eliminates that risk. The new … More → The post Secureframe expands Comply with User Access Reviews for automated governance appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpM8