433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Hackers hijacked CPUID downloads, served STX RAT to victims

If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our signed original files were not compromised),” Samuel Demeulemeester, a contributor to CPUID, stated on Friday, and apologized to affected users. … The post Hackers hijacked CPUID downloads, served STX RAT to victims appeared first on Help Net Security.
http://news.poseidon-us.com/TS1C1Q

Scans for EncystPHP Webshell, (Mon, Apr 13th)

Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the “EncystPHP” web shell. Fortinet wrote about this webshell back in January. It appears to be a favorite among attackers compromising vulnerable FreePBX systems.
http://news.poseidon-us.com/TS17K2

“Giant superatoms” could finally solve quantum computing’s biggest problem

In the pursuit of powerful and stable quantum computers, researchers at Chalmers University of Technology, Sweden, have developed the theory for an entirely new quantum system – based on the novel concept of ‘giant superatoms’. This breakthrough enables quantum information to be protected, controlled, and distributed in new ways and could be a key step towards building quantum computers at scale.
http://news.poseidon-us.com/TS16nd

$12 million frozen, 20,000 victims identified in crypto scam crackdown

More than $12 million has been frozen, and over 20,000 victims have been identified in an international law enforcement operation targeting cryptocurrency and investment scammers. Authorities also uncovered more than $45 million in suspected cryptocurrency fraud losses worldwide. One UK victim identified during the operation is thought to have lost more than £52,000 to the fraud. According to the FBI’s report, cryptocurrency remained a central element in fraud-related activity, with losses totaling $11.3 billion. Investment … The post $12 million frozen, 20,000 victims identified in crypto scam crackdown appeared first on Help Net Security.
http://news.poseidon-us.com/TS16cT

Rockstar Games receives “pay or leak” warning after cyberattack

Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and are reported to have extracted authentication tokens, enabling access to a connected Snowflake account without exploiting vulnerabilities in Snowflake itself. … The post Rockstar Games receives “pay or leak” warning after cyberattack appeared first on Help Net Security.
http://news.poseidon-us.com/TS16bd

Google makes it harder to exploit Pixel 10 modem firmware

Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced measures to reduce memory-related vulnerabilities. With the Pixel 10, the approach goes further by integrating a DNS parser written in the Rust programming language into the modem firmware. The DNS protocol is known for helping browsers … The post Google makes it harder to exploit Pixel 10 modem firmware appeared first on Help Net Security.
http://news.poseidon-us.com/TS1341

Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity

Siemens will present the next generation of its Industrial Automation DataCenter, a custom-configured data center for IT needs in production, expanding its turnkey solution into an AI-ready platform. In partnership with NVIDIA and in collaboration with Palo Alto Networks, Siemens delivers secure NVIDIA computing infrastructure at the edge for powerful AI acceleration, alongside NVIDIA BlueField data processing units (DPUs) … The post Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity appeared first on Help Net Security.
[Figure: Structure of the Siemens Industrial Automation DataCenter and its Remote Industrial Operations Services (Source: Siemens AG)]
http://news.poseidon-us.com/TS133l

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)

Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621: CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs in JavaScript and allows attackers to add or modify an application’s JavaScript objects and properties. CVE-2026-34621 can lead to arbitrary code execution in the context of the current user, but it cannot be triggered remotely. … The post Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) appeared first on Help Net Security.
http://news.poseidon-us.com/TS131Q