433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

New infosec products of the week: December 5, 2025

Here’s a look at the most interesting products from the past week, featuring releases from BlackFog, Datadog, Forward Edge-AI, SandboxAQ, and Upwind. BlackFog releases ADX Vision to block data loss from unapproved AI use BlackFog announced the availability of its newest solution, ADX Vision. Designed to secure every endpoint and every LLM interaction, ADX Vision gives organizations the visibility and control needed to manage AI securely. Operating directly on the device, it detects shadow AI … More → The post New infosec products of the week: December 5, 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TPdxYn

Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025

On December 3, 2025, the React team released a security advisory regarding a vulnerability, CVE-2025-55182, in the React server that could allow an unauthenticated, remote attacker to perform remote code execution on an affected device or system. For a description of this vulnerability, see the public React Security Advisory. Cisco’s standard practice is to update integrated third-party software components to later versions as they become available. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-react-flight-TYw32Ddb Security Impact Rating: Critical CVE: CVE-2025-55182
http://news.poseidon-us.com/TPdmXx

Malicious Rust packages targeted Web3 developers

A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for the Rust programming language, but not before having been downloaded 7257 times. Another package (uniswap-utils) by the same author appeared to be benign, but depends on evm-units and calls it in one of its files. That package has been removed as well, after having been downloaded 7441 times, the crates.io team … More → The post Malicious Rust packages targeted Web3 developers appeared first on Help Net Security.
http://news.poseidon-us.com/TPdL3k

SpecterOps and Tines partner to add native BloodHound and automated attack path workflows

SpecterOps and Tines announced a strategic partnership that brings native BloodHound integration to Tines, enabling customers to operationalize Attack Path Management through automated, AI-assisted workflows. This partnership combines SpecterOps’ identity Attack Path Management capabilities with Tines’ intelligent workflow platform, freeing security teams from repetitive tasks, making identity risks actionable and measurable, and empowering analysts by integrating AI-assisted workflows into their investigation. “We’re thrilled to be working with Tines,” said Justin Kohler, Chief Product Officer at … More → The post SpecterOps and Tines partner to add native BloodHound and automated attack path workflows appeared first on Help Net Security.
http://news.poseidon-us.com/TPdKzc