433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Prompt injection tags along as GenAI enters daily government use

Routine use of GenAI has moved into daily operations in state and territorial government environments, placing new security risks within common workflows. A Center for Internet Security (CIS) report, Prompt Injections: The Inherent Threat to Generative AI, identifies prompt injection as a persistent concern tied to that adoption. Adoption expands exposure Use of AI tools has increased in government IT teams. A 2025 NASCIO survey of 51 state and territorial CIOs found that 82% reported … More → The post Prompt injection tags along as GenAI enters daily government use appeared first on Help Net Security.
http://news.poseidon-us.com/TRxbRC

BlueHammer: Windows zero-day exploit leaked

A buggy but functional proof-of-concept (PoC) exploit for an unpatched Windows local privilege escalation vulnerability dubbed BlueHammer has been published on GitHub by someone who goes by the handle Chaotic Eclipse and Nightmare Eclipse. Several security researchers have fixed the bugs in the exploit and made it work on patched Windows 10, 11, and Windows Server systems, and the question now is whether Microsoft is planning or working on a fix. The BlueHammer PoC exploit … More → The post BlueHammer: Windows zero-day exploit leaked appeared first on Help Net Security.
http://news.poseidon-us.com/TRxPxb

Trellix strengthens data security for the GenAI era

Trellix announced enhanced data security capabilities and a strategic framework designed to help organizations confidently adopt generative AI while protecting sensitive data from exposure and loss. “The rapid adoption of AI tools across the enterprise is creating new and often invisible data risks,” said Alex Au Yeung, CPO, Trellix. “Trellix brings together policy, visibility, and enforcement in a unified framework to help customers control how data is used across both sanctioned and shadow AI.” In … More → The post Trellix strengthens data security for the GenAI era appeared first on Help Net Security.
http://news.poseidon-us.com/TRxGz7

Social engineering attacks on open source developers are escalating

North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the access they gained to inject malware into npm packages downloaded 100+ million times a week. Now, a fresh Open Source Security Foundation (OpenSSF) advisory warns unknown attackers are using a similar approach to target other … More → The post Social engineering attacks on open source developers are escalating appeared first on Help Net Security.
http://news.poseidon-us.com/TRwwjh

Iranian cyber activity hits US energy, water, and government networks

U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors seeking to disrupt operations in the United States. Disruptions across critical sectors The advisory, issued by federal cybersecurity and law enforcement agencies, said the activity aligns with heightened geopolitical tensions involving Iran, the United States, and … More → The post Iranian cyber activity hits US energy, water, and government networks appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMy