433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)

An unauthenticated remote code execution vulnerability (CVE-2025-37164) affecting certain versions of HPE OneView is being leveraged by attackers, CISA confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. The vulnerability’s inclusion in the catalog is unsurprising, as technical details and a Metasploit module were made public soon after it was disclosed, making exploitation by less-skilled attackers easier. About HPE OneView and CVE-2025-37164 HPE OneView is a centralized infrastructure management platform used to deploy, … More → The post Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) appeared first on Help Net Security.
http://news.poseidon-us.com/TQDVZm

Vannadium’s Leap combines on-chain performance and data integrity for explainable AI

Vannadium has launched Leap, a platform that combines blockchain-level data integrity with real-time, on-chain performance. As AI is adopted in sectors like healthcare, finance, and supply chain, the reliability of underlying data has become a critical concern. Leap addresses this by helping organizations prove what’s true. Leap allows secure storage and streaming of high-value data—video, documents, logs, and more, directly on chain, with full provenance and access control. It turns blockchain into a foundation for … More → The post Vannadium’s Leap combines on-chain performance and data integrity for explainable AI appeared first on Help Net Security.
http://news.poseidon-us.com/TQDVZb

Cyera secures $400M to scale AI-native data security platform and enterprise adoption

Cyera announced a $400 million Series F funding round, bringing its total funding to over $1.7 billion. This raise comes just over six months after the previous round and triples the company’s valuation from a year ago to $9 billion. The round was led by funds managed by Blackstone and supported by all inside investors including Accel, Coatue, Cyberstarts, Georgian, Greenoaks, Lightspeed Venture Partners, Redpoint, Sapphire, Sequoia Capital, and Spark. The adoption of AI among … More → The post Cyera secures $400M to scale AI-native data security platform and enterprise adoption appeared first on Help Net Security.
http://news.poseidon-us.com/TQDVYV

PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)

Trend Micro has released a critical patch fixing several remotely exploitable vulnerabilities in Apex Central (on-premise), including a flaw (CVE-2025-69258) that may allow unauthenticated attackers to achieve code execution on affected installations. The three vulnerabilities were unearthed and privately reported by Tenable bug hunters last year, and they now published technical details and PoC exploits for each. CVE-2025-69258 and the other flaws Apex Central on-premise is a central management platform through which IT/security teams manage, … More → The post PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258) appeared first on Help Net Security.
http://news.poseidon-us.com/TQDL23

IPFire update brings new network and security features to firewall deployments

Security and operations teams often work with firewall platforms that require frequent tuning or upgrades to meet evolving network demands. IPFire has released its 2.29 Core Update 199, aimed at network and protection teams that manage this open source firewall distribution. Wi-Fi and network protocol support changes Core Update 199 adds support for the latest Wi-Fi standards, including Wi-Fi 6 and Wi-Fi 7. These additions give teams the ability to use broader channel bandwidths and … More → The post IPFire update brings new network and security features to firewall deployments appeared first on Help Net Security.
http://news.poseidon-us.com/TQDDKd

Cybercriminals are scaling phishing attacks with ready-made kits

Phishing-as-a-Service (PhaaS) kits lower the barrier to entry, enabling less-skilled attackers to run large-scale, targeted phishing campaigns that impersonate legitimate services and institutions, according to Barracuda Networks. Phishing kits grow more sophisticated and scalable Barracuda threat analysts found that in 2025 the most common phishing themes were designed to trick users into clicking links, scanning QR codes, opening attachments, or sharing personal information with attackers. These techniques remain successful despite years of security controls and … More → The post Cybercriminals are scaling phishing attacks with ready-made kits appeared first on Help Net Security.
http://news.poseidon-us.com/TQD7wd

StackRox: Open-source Kubernetes security platform

Security teams spend a lot of time stitching together checks across container images, running workloads, and deployment pipelines. The work often happens under time pressure, with engineers trying to keep clusters stable while meeting internal policy requirements. The StackRox open source project sits in that space, offering a Kubernetes security platform that teams can run and adapt on their own. What the StackRox project covers The StackRox platform focuses on Kubernetes and container security across … More → The post StackRox: Open-source Kubernetes security platform appeared first on Help Net Security.
http://news.poseidon-us.com/TQD5Dy

What happens to insider risk when AI becomes a coworker

In this Help Net Security video, Ashley Rose, CEO at Living Security, discusses how AI is changing insider risk. AI is now built into daily work across departments, which shifts how risk shows up and how security teams should respond. Rose argues that insider risk now includes AI systems, automated workflows, and agents that can take action on their own. She explains that most risky behavior comes from broken processes, confusing workflows, and friction that … More → The post What happens to insider risk when AI becomes a coworker appeared first on Help Net Security.
http://news.poseidon-us.com/TQD5Dv