433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

HR, recruiters targeted in year-long malware campaign

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have managed to keep their activity largely under the radar. “We currently lack telemetry to determine how widespread the campaign is,” Aditya K. Sood, Aryaka’s VP of Security Engineering & AI Strategy, told Help … More → The post HR, recruiters targeted in year-long malware campaign appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg18

Microsoft flips Windows Autopatch to default hotpatch security updates

Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is a Microsoft-managed service that automates updates for Windows and Office. It also lets IT administrators pause updates and roll them back if devices fail to meet performance targets after installation. Introduced about a year ago, … More → The post Microsoft flips Windows Autopatch to default hotpatch security updates appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg17

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign has been running since the end of February and possibly earlier. “In one observed case, the operator authenticated to a compromised AWS account within 20 minutes of credential submission,” the researchers noted. Fake AWS security … More → The post Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg0C

Terra Portal adds human-governed AI to live production pentesting

Terra Security has announced the launch of Terra Portal, its agentic desktop app that serves as an execution layer for pentesters to direct and oversee AI-driven testing in live production environments. Terra Portal reduces the discovery-to-fix cycle for vulnerabilities from the industry average of nearly three months to a matter of hours without sacrificing safety or compliance. As a result, customers can now remediate critical findings well within the Cybersecurity and Infrastructure Security Agency’s (CISA) … More → The post Terra Portal adds human-governed AI to live production pentesting appeared first on Help Net Security.
http://news.poseidon-us.com/TRPZc5

Unpacking your top questions on agentic AI: The Shift podcast

Today we’re introducing “The Shift” podcast, an evolution of “Leading the Shift,” to share more dialogue. Grounded in questions we heard from you after announcements at Ignite, we’re releasing eight episodes this spring. The post Unpacking your top questions on agentic AI: The Shift podcast appeared first on Microsoft Azure Blog.
http://news.poseidon-us.com/TRPXmN

Armadin secures $189.9 million to counter AI-driven cyber threats

Armadin has raised $189.9 million in Seed and Series A funding. Led by Accel, with participation from Google Ventures, Kleiner Perkins, Menlo Ventures, In-Q-Tel, and follow-on investment from 8VC and Ballistic Ventures, this marks the largest combined Seed and Series A funding round in cybersecurity history. Armadin’s mission is to prepare organizations for the speed and scale of AI-driven threats. Closing the hyperattack gap AI-powered attackers are launching faster, more complex campaigns that overwhelm security … More → The post Armadin secures $189.9 million to counter AI-driven cyber threats appeared first on Help Net Security.
http://news.poseidon-us.com/TRPW5c

Teen crew caught selling DDoS attack tools

Seven minors who distributed online programs designed to facilitate DDoS attacks have been identified by Poland’s Central Bureau for Combating Cybercrime (CBZC). They were between 12 and 16 at the time of the crime. CBZC officer during a cybercrime investigation (Source: Poland’s Central Bureau for Combating Cybercrime) According to investigators, using the tools they administered, the minors attacked popular websites, including auction and sales portals, IT domains, hosting services and accommodation booking sites. The activity … More → The post Teen crew caught selling DDoS attack tools appeared first on Help Net Security.
http://news.poseidon-us.com/TRPW4s

This spy tool has been quietly stealing data for years

ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance of Ukrainian military personnel since at least April 2024. The Sednit group itself was tied to Unit 26165 of the GRU by the US Department of Justice in 2016, identifying it as part of Russia’s Main Intelligence … More → The post This spy tool has been quietly stealing data for years appeared first on Help Net Security.
http://news.poseidon-us.com/TRPW4m

Mimecast brings gateway-grade email security to API deployment

Mimecast has announced that its complete email security protection stack is now available through API deployment, eliminating a fundamental trade-off in the market. Standalone integrated cloud email security (ICES) solutions offered fast deployment but came at a cost: they were built primarily for targeted, sophisticated attacks and relied on native Microsoft or Google controls to handle the volume of everyday threats. The just-released Mimecast State of Human Risk 2026 report quantifies the cost of that … More → The post Mimecast brings gateway-grade email security to API deployment appeared first on Help Net Security.
http://news.poseidon-us.com/TRPW4g

New Claude tool uses AI agents to find bugs in pull requests

Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could trust on every PR. Code Review is the result: deep, multi-agent reviews that catch bugs human reviewers often miss themselves. It’s a more thorough (and more expensive) option than our existing Claude Code GitHub Action, which remains open … More → The post New Claude tool uses AI agents to find bugs in pull requests appeared first on Help Net Security.
http://news.poseidon-us.com/TRPW4b