433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

What the EU AI Act requires for AI agent logging

The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps are. Your agent is probably high-risk The Act doesn’t mention “AI agents” by name. What matters is what the system does. If your agent scores credit applications, filters resumes, decides who gets healthcare benefits, prices insurance, or … More → The post What the EU AI Act requires for AI agent logging appeared first on Help Net Security.
http://news.poseidon-us.com/TS3mmj

Product showcase: Ente Auth encrypts, backs up, and syncs 2FA

Two-factor authentication (2FA) is an essential layer of protection for online accounts, and Ente Auth makes it easier to manage securely across devices. Ente Auth is a free, open-source authenticator app designed to generate and store one-time passcodes for 2FA. It supports setup through QR codes and manual entry, allowing users to add accounts and begin generating codes. Users can also import existing accounts from other authenticator apps, simplifying the transition without the need to … More → The post Product showcase: Ente Auth encrypts, backs up, and syncs 2FA appeared first on Help Net Security.
http://news.poseidon-us.com/TS3jtT

Wi-Fi roaming security practices for access network providers and identity providers

Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their security properties. The Wireless Broadband Alliance published a set of guidelines that specifies which authentication, encryption, and credential-handling practices operators should apply to networks running Passpoint and OpenRoaming. “What this work shows is that, by applying established best practices across authentication, encryption, identity privacy, signaling and federation governance, Wi-Fi can provide the level of … More → The post Wi-Fi roaming security practices for access network providers and identity providers appeared first on Help Net Security.
http://news.poseidon-us.com/TS3jtQ

European AI spending set to hit $290 billion by 2029

European enterprises are committing serious money to AI, and the numbers are accelerating. According to IDC’s Worldwide AI and Generative AI Spending Guide, AI spending across Europe will reach $290 billion by 2029, growing at a compound annual growth rate of 33.7%. Organizations across the continent are moving AI out of proof-of-concept projects and into core operations, with budgets reallocating toward multi-agent systems and AI-embedded enterprise strategies. Software leads on spending; AI platforms grow fastest … More → The post European AI spending set to hit $290 billion by 2029 appeared first on Help Net Security.
http://news.poseidon-us.com/TS3jsv

Windows is getting stronger RDP file protections to fight phishing attacks

Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection is established, shows details about the remote system, and requires users to review any request to share local resources such as drives or the clipboard. RDP files define how a system connects to a remote computer and … More → The post Windows is getting stronger RDP file protections to fight phishing attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TS3ZR4

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker must have valid administrative credentials. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ Security Impact Rating: Critical CVE: CVE-2026-20147,CVE-2026-20148
http://news.poseidon-us.com/TS3HT7

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. This vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by providing crafted input to a specific CLI command. A successful exploit could allow the attacker to elevate their privileges to root on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-cmd-inj-5WSJcYJB Security Impact Rating: Medium CVE: CVE-2026-20136
http://news.poseidon-us.com/TS3HT6

Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device. These vulnerabilities are due to insufficient sanitization of user-supplied data that is stored in the web page. An attacker could exploit these vulnerabilities by convincing a user of the interface to click a specific link or view an affected web page. The injected script code may be executed in the context of the web-based management interface or allow the attacker to access sensitive browser-based information. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U Security Impact Rating: Medium CVE: CVE-2026-20132
http://news.poseidon-us.com/TS3HT2