Uncategorized Archives

macOS vulnerability allowed Keychain and iOS app decryption without a password

Sep 4, 2025

Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. The issue stems from Apple mistakenly granting the /usr/bin/gcore utility the com.apple.system-task-ports.read entitlement in macOS 15.0 (Sequoia). Apple removed the entitlement in macOS 15.3. Koh M. Nakagawa speaking at Nullcon Berlin 2025 This entitlement gave gcore the ability to read the memory of any process on the … More → The post macOS vulnerability allowed Keychain and iOS app decryption without a password appeared first on Help Net Security.
http://news.poseidon-us.com/TMt3Tn

From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure

Sep 4, 2025

Insikt Group reveals TAG-150’s multi-tiered infrastructure and CastleRAT malware—an advanced threat actor evolving rapidly with stealth and scale.
http://news.poseidon-us.com/TMt1DD

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

Sep 4, 2025

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed. About CVE-2025-53690 CVE-2025-53690 is a ViewState deserialization vulnerability that affects any version of Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud. Deployed instances are affected by this vulnerability if they have been deployed by using a sample machine key that has been … More → The post Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) appeared first on Help Net Security.
http://news.poseidon-us.com/TMsvTy

Transgender federal employees say they face fear and discrimination under Trump

Sep 4, 2025

Compared to private sector workers, transgender federal employees are especially vulnerable because many ultimately answer to the president, said Olivia Hunt. The post Transgender federal employees say they face fear and discrimination under Trump first appeared on Federal News Network.
http://news.poseidon-us.com/TMstBG

House lawmakers advance steeper IRS cuts than what Trump proposed

Sep 4, 2025

House lawmakers rejected the Trump administration’s request for more than $850 million to help the IRS hire an additional 11,000 call center representatives. The post House lawmakers advance steeper IRS cuts than what Trump proposed first appeared on Federal News Network.
http://news.poseidon-us.com/TMssM5

House lawmakers advance steeper IRS cuts than what Trump proposed

Sep 4, 2025

Digital maturity playbook: Strategies, tools and expert guidance

Sep 4, 2025

Top technology leaders from Brillient, Deloitte, Future Tech and Northrop Grumman share six insights on building resilient, mission-driven digital ecosystems. The post Digital maturity playbook: Strategies, tools and expert guidance first appeared on Federal News Network.
http://news.poseidon-us.com/TMssCS

On DoD: Army DEVCOM Analysis Center

Sep 4, 2025

Gain insights into how AI reliability is being tested, what partnerships are helping drive progress and how defense leaders are thinking about risk mitigation in real-world military environments. The post On DoD: Army DEVCOM Analysis Center first appeared on Federal News Network.
http://news.poseidon-us.com/TMssBQ

Digital maturity playbook: Strategies, tools and expert guidance

Sep 4, 2025

Digital maturity playbook: Strategies, tools and expert guidance

Sep 4, 2025