Category Archives: Uncategorized

DHS terminates two contracts, moving work to GSA

After small businesses spent hundreds of hours and tens of thousands of dollars on FirstSource III and PACTS III bids, DHS decided to cancel them. The post DHS terminates two contracts, moving work to GSA first appeared on Federal News Network.
http://news.poseidon-us.com/TLgDMF

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)

If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like operating systems that allows a low-privilege user to execute a command as another user, typically the root/administrator user. The utility effectively grants temporary elevated privileges without requiring the user to log in as root. … More → The post Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) appeared first on Help Net Security.
http://news.poseidon-us.com/TLfy8R

Cloudflare blocks AI crawlers by default, letting sites choose what gets scraped

Cloudflare is now the first major internet infrastructure company to block AI crawlers by default when they try to access website content without permission or payment. Starting today, website owners can choose whether to allow AI crawlers and set rules for how their content is used. “Original content is what makes the Internet one of the greatest inventions in the last century, and it’s essential that creators continue making it. AI crawlers have been scraping … More → The post Cloudflare blocks AI crawlers by default, letting sites choose what gets scraped appeared first on Help Net Security.
http://news.poseidon-us.com/TLfy73

Google patches actively exploited Chrome (CVE‑2025‑6554)

Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. “Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the company said. About CVE-2025-6554 CVE-2025-6554 is a type confusion vulnerability in V8, the JavaScript and WebAssembly engine at the heart of Chrome and Chromium-based browsers. Remote, unauthenticated attackers can exploit this flaw by serving crafted HTML pages … More → The post Google patches actively exploited Chrome (CVE‑2025‑6554) appeared first on Help Net Security.
http://news.poseidon-us.com/TLfqNn

Scam centers are spreading, and so is the human cost

Human trafficking tied to online scam centers is spreading across the globe, according to a new crime trend update from INTERPOL. Human trafficking victims by country of origin (Source: INTERPOL) By March 2025, people from 66 countries had been trafficked into these scam operations, with every continent affected. INTERPOL found that 74% of victims were taken to scam centers in Southeast Asia, the original hotspot for this type of crime. But these centers are now … More → The post Scam centers are spreading, and so is the human cost appeared first on Help Net Security.
http://news.poseidon-us.com/TLfZr2

Tracer AI combats fraud, counterfeits and narrative attacks in ChatGPT

Tracer AI launched Tracer Protect for ChatGPT, a solution that protects brands from the reputational harm being propagated at machine scale via AI chatbots by bad actors. The rising popularity of generative AI (genAI) engines is driving the urgent and rapidly evolving brand security threat vector faced by enterprises. Tracer Protect for ChatGPT actively monitors ChatGPT results for mentions of Tracer customers’ brands, products, services and executives, and proactively identifies and neutralizes harmful schemes such … More → The post Tracer AI combats fraud, counterfeits and narrative attacks in ChatGPT appeared first on Help Net Security.
http://news.poseidon-us.com/TLfZpJ

Federal Reserve System CISO on aligning cyber risk management with transparency, trust

In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven strategy. She explains how the Fed assesses potential disruptions to financial stability and addresses third-party and cloud service risks. Hornsby-Fink also discusses how federal collaboration supports managing systemic threats and strengthens operational resilience. As CISO of the Federal Reserve System, how do you assess and prioritize national-scale cyber threats that could … More → The post Federal Reserve System CISO on aligning cyber risk management with transparency, trust appeared first on Help Net Security.
http://news.poseidon-us.com/TLfZp1

DigitalOcean boosts identity management offerings with custom roles

DigitalOcean announced expanded capabilities for its identity management offerings with custom roles, the newest Role-Based Access Control (RBAC) offering for its cloud platform. This offering allows customers to create roles that are specifically tailored to the job responsibilities of their team members. As a result, custom roles allow organizations to apply the principle of least privilege, which helps to reduce security risks and strengthen the security of their cloud resources. Custom roles can reduce security … More → The post DigitalOcean boosts identity management offerings with custom roles appeared first on Help Net Security.
http://news.poseidon-us.com/TLfZjb

How cybercriminals are weaponizing AI and what CISOs should do about it

In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call except the employee was a deepfake. Criminals had used AI-powered cybercrime tactics to impersonate executives convincingly enough to get the payment approved. The top observed malicious LLMs mentioned on Telegram (Source: Flashpoint) Threat actors are building LLMs specifically for fraud and … More → The post How cybercriminals are weaponizing AI and what CISOs should do about it appeared first on Help Net Security.
http://news.poseidon-us.com/TLfRY1

GenAI is everywhere, but security policies haven’t caught up

Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of organizations have put formal policies in place, according to new ISACA research. The use of AI is becoming more prevalent within the workplace, and so regulating its use is best practice. Yet 31% of organizations have a formal, comprehensive AI policy in place, highlighting … More → The post GenAI is everywhere, but security policies haven’t caught up appeared first on Help Net Security.
http://news.poseidon-us.com/TLfRXf