433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by entering crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to read and write files on the underlying operating system with the privileges of a non-root user account. File system access is limited to the permissions that are granted to that non-root user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2025-20292
http://news.poseidon-us.com/TMk1P1

Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities

Multiple vulnerabilities in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. These vulnerabilities exist because of missing authorization controls on some REST API endpoints. An attacker could exploit these vulnerabilities by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions, such as accessing sensitive information regarding HTTP Proxy and NTP configurations, uploading images, and damaging image files on an affected device. Note: These vulnerabilities affect only a subset of REST API endpoints and do not affect the web-based management interface. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nshs-urapi-gJuBVFpu Security Impact Rating: Medium CVE: CVE-2025-20347,CVE-2025-20348
http://news.poseidon-us.com/TMk1Nt

Cisco Nexus Dashboard Path Traversal Vulnerability

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to gain root privileges on the underlying shell on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ptrs-XU2Fm2Wb Security Impact Rating: Medium CVE: CVE-2025-20344
http://news.poseidon-us.com/TMk1K3

How Threat Actors Are Rizzing Up Your AI for Profit

Cybercriminals are hijacking generative AI using SEO-poisoned content and advanced Traffic Distribution Systems (TDS). Discover how LLMs are being weaponized for malware, slopsquatting, and prompt injection—and what defenders must do now.
http://news.poseidon-us.com/TMjyFF

AI is becoming a core tool in cybercrime, Anthropic warns

A new report from Anthropic shows how criminals are using AI to actively run parts of their operations. The findings suggest that AI is now embedded across the full attack cycle, from reconnaissance and malware development to fraud and extortion. The report is based on real cases where Anthropic’s models were misused. It provides an unusual view into how attackers are adapting and building AI into every stage of their operations. While the focus is … More → The post AI is becoming a core tool in cybercrime, Anthropic warns appeared first on Help Net Security.
http://news.poseidon-us.com/TMjx9B

Unit21 BYOA automates fraud and AML tasks

Unit21 has launched its Build Your Own Agent (BYOA) for banks, credit unions, and fintechs. The product enables risk and compliance teams to automate fraud and AML tasks, turning hours of manual data gathering, sorting and sifting into just minutes of analysis and action. Unit21’s no-code BYOA integrates custom AI agents into your most common fraud and AML workflows, such as sanctions, transaction monitoring, and check fraud, while delivering structured, explainable insights directly into alert … More → The post Unit21 BYOA automates fraud and AML tasks appeared first on Help Net Security.
http://news.poseidon-us.com/TMjx7R

Qwiet AI empowers developers in shipping secure software faster

Qwiet AI has unveiled updates to its application security platform. These updates, which include expanded integrations across Azure DevOps, Azure Boards, and GitHub, and the introduction of new AI-powered AutoFix capabilities and an enhanced user experience, are set to revolutionize how development and security teams release secure applications. By empowering teams to release secure applications at the speed of innovation without disrupting developer workflows, these updates promise a more comfortable and user-friendly experience. The latest … More → The post Qwiet AI empowers developers in shipping secure software faster appeared first on Help Net Security.
http://news.poseidon-us.com/TMjx76

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server (PMS) is software that allows users to turn their Windows/Linux/macOS computer or their network-attached storage devices into a personal media server. It organizes their movies, music, photos, and other media and enables them to stream the content on nearly … More → The post 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 appeared first on Help Net Security.
http://news.poseidon-us.com/TMjx5b

One Step Ahead: Stark Industries Solutions Preempts EU Sanctions

Before facing EU sanctions in May 2025, Stark Industries Solutions executed a strategic infrastructure overhaul to maintain operations. This report reveals how rebranding, RIPE resource manipulation, and cross-border obfuscation enabled the sanctioned web host to remain resilient — highlighting the persistent challenge of threat activity enablers.
http://news.poseidon-us.com/TMjtvx

NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases

The catalog revision is part of NIST’s response to a recent Executive Order on strengthening the nation’s cybersecurity.
http://news.poseidon-us.com/TMjtZJ