433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Finesse Remote File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89 Security Impact Rating: Medium CVE: CVE-2026-20175
http://news.poseidon-us.com/TSs8cF

Only 11% of production agents pass the AI agent security bar

Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of them carry the conditions for a single hostile document to take them over. The AI Risk Quadrant (AIRQ) report, a 2026 Q2 edition produced by independent researchers, scores 100 commercial and publicly available AI agents across three dimensions: … More → The post Only 11% of production agents pass the AI agent security bar appeared first on Help Net Security.
http://news.poseidon-us.com/TSrx0T

Google adds a silent check to catch scammers posing as your contacts

Android is introducing fake call detection to help protect users from impersonation scams. The feature can detect and flag suspected spoofed calls when both parties use Phone by Google on Android 12 or later. It will roll out globally this month, starting with Pixel devices. Story of two calls from “Mom” (Source: Google) “Fake call detection helps protect you, your family and friends by identifying when a caller isn’t who they claim to be, giving … More → The post Google adds a silent check to catch scammers posing as your contacts appeared first on Help Net Security.
http://news.poseidon-us.com/TSrlCS

Microsoft Scout agent opens a new category of always-on Autopilots

Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different kind of agent inside its Office applications, one designed to keep operating in the background once a person stops paying attention. The company introduced Microsoft Scout, calling it the first entry in a category it labels Autopilots. What an Autopilot does Autopilots are always-on agents that run … More → The post Microsoft Scout agent opens a new category of always-on Autopilots appeared first on Help Net Security.
http://news.poseidon-us.com/TSrlCJ

Anthropic expands Project Glasswing to 150 organizations in more than 15 countries

Anthropic is expanding Project Glasswing, its cybersecurity initiative built around the Claude Mythos Preview model, by adding about 150 organizations following several weeks of work with its initial group of partners, security firms, open-source maintainers, and government agencies. Organizations joining the program must meet security requirements before gaining access, Anthropic noted. The expansion brings the program to organizations in more than 15 countries and includes sectors such as healthcare, energy, communications, technology, and other infrastructure … More → The post Anthropic expands Project Glasswing to 150 organizations in more than 15 countries appeared first on Help Net Security.
http://news.poseidon-us.com/TSrl9r

Critical Start expands MDR capabilities with multi-agent AI system

Critical Start has released SOC AI, a production-proven multi-agent framework powering its AI-led Managed Detection and Response (MDR). SOC AI coordinates ten specialized agents across the full alert investigation and response lifecycle, covering detection, triage, response, threat hunting, and continuous improvement. Each agent operates with a discrete function, a defined scope, and a complete audit trail on every action taken. After implementation of SOC AI, Investigation Agent enhanced thousands of investigations, compressing analyst time-to-investigate to … More → The post Critical Start expands MDR capabilities with multi-agent AI system appeared first on Help Net Security.
http://news.poseidon-us.com/TSrgpd

MazeBolt brings AI-generated attack simulation to DDoS security testing

MazeBolt has announced the launch of RADAR VectorAI, a new MazeBolt module that creates AI-generated DDoS attacks. As AI outpaces human response, enterprises need to have access to validated DDoS vulnerability data about both known and AI-generated attack vectors. Mythos has raised awareness of the cybersecurity risks created by AI. But while Mythos makes it faster and easier for attackers to identify exploitable gaps in software, it does not address DDoS vulnerabilities. VectorAI functions as … More → The post MazeBolt brings AI-generated attack simulation to DDoS security testing appeared first on Help Net Security.
http://news.poseidon-us.com/TSrgp6

Netskope adds AI asset discovery and AISecOps agent to AI security portfolio

Netskope has announced Netskope One AI Command Center, bringing together AI discovery, risk intelligence, and autonomous response capabilities in a single platform. As the latest expansion of the Netskope One AI Security suite, it helps security teams understand what AI is running in their environments, determine which risks require action, and accelerate response efforts. Among enterprises tracked by Netskope Threat Labs, the average enterprise organization saw the number of AI applications in use grow fivefold … More → The post Netskope adds AI asset discovery and AISecOps agent to AI security portfolio appeared first on Help Net Security.
http://news.poseidon-us.com/TSrdGS

A small Slovenian team handles 6,000 cyber incidents a year

Online fraud complaints, ransomware cases, and phishing tips reach Slovenia’s national cyber response center in steady volume, and a team of around a dozen analysts sorts through them. Gorazd Božič, who manages SI-CERT at the public agency ARNES, described that work in an interview conducted in person at the Span Cyber Security Arena conference. He put the original proposal for a Slovenian CERT to ARNES leadership in 1994, and the center now records about 6,000 … More → The post A small Slovenian team handles 6,000 cyber incidents a year appeared first on Help Net Security.
http://news.poseidon-us.com/TSrdFx