433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Smart glasses are back, privacy issues included

AI smart glasses are the latest addition to fashion, and they include a camera, a microphone, AI, and privacy risks. After Google Glass failed to gain traction more than a decade ago, the category is seeing renewed interest as companies redesign the technology to look like ordinary eyewear. Meta and privacy The most popular model on the market comes from a partnership between Ray-Ban and Meta, combining mainstream fashion with a company known for privacy … More → The post Smart glasses are back, privacy issues included appeared first on Help Net Security.
http://news.poseidon-us.com/TQmYnh

AI is driving a new kind of phishing at scale

Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths. AI systems now sit at the center of this activity, supporting generation, testing, and rollout of phishing campaigns. The Cofense research documents this environment as it exists across enterprise inboxes, with one malicious email identified on … More → The post AI is driving a new kind of phishing at scale appeared first on Help Net Security.
http://news.poseidon-us.com/TQmW0C

Cybersecurity planning keeps moving toward whole-of-society models

National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that environment, guidance circulating among policymakers outlines how national cybersecurity strategies increasingly tie together risk management, workforce planning, technology standards, and coordination across sectors. Across many countries, national cybersecurity strategies now function as organizing frameworks that link economic policy, national security, and digital services. The approach treats cybersecurity as a shared responsibility that … More → The post Cybersecurity planning keeps moving toward whole-of-society models appeared first on Help Net Security.
http://news.poseidon-us.com/TQmW09

Measuring AI use becomes a business requirement

Enterprise teams already run dozens of AI tools across daily work. Usage stretches from code generation and analytics to customer support drafting and internal research. Oversight remains uneven across roles, functions, and industries. A new Larridin survey of enterprise leaders places measurement and governance at the center of this operating environment. Executives frequently express confidence in their understanding of AI activity across the organization. Directors and managers closer to daily operations describe a different condition. … More → The post Measuring AI use becomes a business requirement appeared first on Help Net Security.
http://news.poseidon-us.com/TQmVz7

Incognito dark web drug market operator gets 30 years in prison

Rui-Siang Lin, a Taiwanese national, was sentenced to 30 years in U.S. federal prison for operating Incognito Market, one of the world’s largest illicit online narcotics marketplaces. Incognito Market splash page and graphical interface Incognito Market operated on the dark web from October 2020 until it closed in March 2024. The platform functioned as a centralized marketplace accessible through the Tor browser and supported drug sales to buyers around the world. Vendors used the site … More → The post Incognito dark web drug market operator gets 30 years in prison appeared first on Help Net Security.
http://news.poseidon-us.com/TQlwL0

ConnectSecure introduces Linux patching capability to simplify cross-distro updates

ConnectSecure announced the launch of a new cross-platform Linux operating system patching capability. The update eliminates the complexity of managing fragmented Linux environments by delivering a single, unified interface for deploying critical security updates across the four most widely used Linux distributions: Red Hat, Ubuntu, Debian, and CentOS. The new capability helps MSPs and security teams automate the identification and deployment of kernel and OS patches without requiring distribution-specific tools. As a result, organizations can … More → The post ConnectSecure introduces Linux patching capability to simplify cross-distro updates appeared first on Help Net Security.
http://news.poseidon-us.com/TQlwKH

Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-xss-bYeVKCD Security Impact Rating: Medium CVE: CVE-2026-20111
http://news.poseidon-us.com/TQlttw

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tce-roomos-dos-9V9jrC2q Security Impact Rating: High CVE: CVE-2026-20119
http://news.poseidon-us.com/TQlttp