433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Zluri addresses expanding identity attack surface across SaaS, cloud, and AI

Enterprise identity is undergoing a fundamental shift. Employees are no longer the only identities operating inside organizations. Service accounts, machine identities, application integrations, and AI agents now interact with enterprise systems at scale, accelerating the growth of non-human identities and expanding the identity attack surface across SaaS applications, cloud infrastructure, and on-premises systems. To address this shift, Zluri expanded its platform to deliver the Zluri Identity Security Platform, helping enterprises discover, govern, and monitor identities … More → The post Zluri addresses expanding identity attack surface across SaaS, cloud, and AI appeared first on Help Net Security.
http://news.poseidon-us.com/TRf6pf

Russian hackers go after high-value targets through Signal

Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of intelligence interest, including government personnel, journalists, and others with access to sensitive communications. It is believed that the campaign has compromised thousands of commercial messaging applications accounts. People who use these applications can develop a false sense of security, believing they are protected from hacking. Criminals exploit this through phishing … More → The post Russian hackers go after high-value targets through Signal appeared first on Help Net Security.
http://news.poseidon-us.com/TRf6pR

Zero Networks Kubernetes Access Matrix exposes hidden access paths and blast radius

Zero Networks has announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters. The new capability enables security and DevOps teams to see, understand, and control Kubernetes access at scale, closing “understanding what is going on inside K8s” gaps that leave organizations exposed to lateral movement and operational risk. In most IT environments, security and infrastructure teams control what can talk to what. In Kubernetes, … More → The post Zero Networks Kubernetes Access Matrix exposes hidden access paths and blast radius appeared first on Help Net Security.
http://news.poseidon-us.com/TRf6lP

Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security

Booz Allen Hamilton’s new Vellox suite showcases how AI-native cyber defense can counter growing threats to U.S. national security and critical infrastructure. The company’s new threat report, When Cyberattacks Happen at AI Speed, shows that AI is widening the gap between the speed of cyberattacks and time to respond. In 2025, the average breakout time from initial access to ability to move into other systems “dropped to under 30 minutes, with the fastest cases measured … More → The post Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security appeared first on Help Net Security.
http://news.poseidon-us.com/TRf2wh

Your AI agents are moving sensitive data. Do you know where?

In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry focuses on prompt injection and model behavior, Cohen argues the deeper threat is autonomous AI agents operating across systems with no visibility into what data they access, combine, or expose. He explains how Bonfy.AI approaches this through three areas: controlling what data agents can access for … More → The post Your AI agents are moving sensitive data. Do you know where? appeared first on Help Net Security.
http://news.poseidon-us.com/TRf2v1

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of those conditions by scanning pipeline configuration and repository settings directly. What Plumber checks Plumber reads a project’s .gitlab-ci.yml file and queries the GitLab API to produce a compliance report. It includes eight controls that teams can … More → The post Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps appeared first on Help Net Security.
http://news.poseidon-us.com/TRf0Jm

NIST updates its DNS security guidance for the first time in over a decade

DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance level for more than twelve years. NIST published SP 800-81r3, the Secure Domain Name System Deployment Guide, superseding a version that dates to 2013. The document covers three main areas: using DNS as an active security control, securing the DNS protocol itself, and protecting the servers and infrastructure that run DNS services. … More → The post NIST updates its DNS security guidance for the first time in over a decade appeared first on Help Net Security.
http://news.poseidon-us.com/TRdzPM