Blog

Lyrie: Open-source autonomous pentesting agent

Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version 3.1.0 this month. The release adds XChaCha20-Poly1305 memory encryption for sensitive threat data, seven new proof-of-concept generators covering prompt injection, auth bypass, CSRF, open redirect, race conditions, secret exposure, and cross-site … More → The post Lyrie: Open-source autonomous pentesting agent appeared first on Help Net Security.
http://news.poseidon-us.com/TSbWTW

AI shrinks vulnerability exploitation window to hours

Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State of Vulnerabilities Report. Total vulnerabilities by severity (2022-2025) (Source: Synack) AI expands the attack surface Agentic AI systems that act autonomously across systems introduce new risks that require human expertise to identify and understand. Automated scanning detects known signatures but can miss logic flaws, misconfigurations, and unexpected behavior. In 2025, mean time … More → The post AI shrinks vulnerability exploitation window to hours appeared first on Help Net Security.
http://news.poseidon-us.com/TSbWTQ

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check

McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It combines conversational AI with McAfee’s cybersecurity intelligence to help users evaluate potentially dangerous content such as messages, emails, links, screenshots, and social media posts for signs of scams or phishing. How McAfee + ChatGPT helps identify phishing attempts … More → The post Product showcase: McAfee + ChatGPT integration turns doubt into a scam check appeared first on Help Net Security.
http://news.poseidon-us.com/TSbWTL

When ransomware hits, confidence doesn’t restore endpoints

Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute Security) A survey of 750 CISOs from enterprise organizations with more than 5,000 employees in the United States and the United Kingdom revealed gaps between ransomware frequency, confidence in recovery capabilities, and remediation … More → The post When ransomware hits, confidence doesn’t restore endpoints appeared first on Help Net Security.
http://news.poseidon-us.com/TSbWTD

Debian 13.5 point release lands with security fixes, bug patches

Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server to OpenSSH, sudo, systemd, OpenSSL, glibc, and FreeRDP. Fresh installer images carrying the same fixes will follow at the regular download locations. Sysadmins running trixie do not need to reinstall. Existing media remain valid, and machines … More → The post Debian 13.5 point release lands with security fixes, bug patches appeared first on Help Net Security.
http://news.poseidon-us.com/TSbWSs

Google lets Workspace admins apply one policy across all SAML apps

Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO) with Google Workspace credentials. Google says this update introduces a default assignment that serves as a universal security baseline, automatically protecting any SAML-based application that does not have a specific policy already assigned. By establishing this … More → The post Google lets Workspace admins apply one policy across all SAML apps appeared first on Help Net Security.
http://news.poseidon-us.com/TSbV0z

CIOs under pressure as disruptions mount

Members of the C-suite, including technology executives, report that external volatility creates tension around innovation, according to a KPMG survey.
http://news.poseidon-us.com/TSbTll

The pipeline tax is breaking enterprise AI at agent scale

The data layer is where the next decade gets decided.
http://news.poseidon-us.com/TSbNQN

New research exposes cracks in AI security confidence among CIOs

“We have an opportunity with AI to do something better — to secure it by design and follow that principle from the get-go,” said to Palo Alto Networks’ Jaimin Patel.
http://news.poseidon-us.com/TSbNPY

The “impossible” LED that could change everything

Scientists at the University of Cambridge have achieved what was once considered impossible by electrically powering insulating nanoparticles to create a completely new kind of LED. Using tiny organic “molecular antennas,” the team found a way to funnel energy into materials that normally cannot conduct electricity, producing ultra pure near infrared light with remarkable efficiency.
http://news.poseidon-us.com/TSbFXb