Blog

Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws

Radware has announced AI Xploit Shield, a new service that provides organizations with protection for their applications and APIs from exploitation of newly discovered vulnerabilities. As emerging frontier AI models like Mythos from Anthropic accelerate vulnerability discovery, organizations face a growing challenge: the volume of newly discovered vulnerabilities is accelerating while the window between vulnerability identification and exploitation is shrinking. These trends are widening the gap between discovery and remediation and making it increasingly difficult … More → The post Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws appeared first on Help Net Security.
http://news.poseidon-us.com/TT42pp

Cybersecurity experts blast US government for restricting Anthropic’s AI models

CISOs and prominent researchers called a recent export-control ban “dangerous.”
http://news.poseidon-us.com/TT3t3k

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)

Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the question of how attackers came to exploit it before Cisco had disclosed it publicly. The vulnerability (CVE-2026-20262) Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) is the management plane for the entire Cisco SD-WAN fabric. CVE-2026-20262 is … More → The post Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbZ

Crypto scammers are sending couriers to victims’ homes to collect cash

Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment personas, luring them into cryptocurrency schemes that use fraudulent trading platforms and fabricated returns to encourage additional deposits. When financial institutions block suspicious transfers, scammers tell victims that cash pickups are required to continue investing or to pay purported fees … More → The post Crypto scammers are sending couriers to victims’ homes to collect cash appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbV

Software supply chains are heading for a transparency test

Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling, automation, and changes to software development practices. Level of SBOM adoption based on organisation size (Source: ENISA) SBOMs move from best practice to requirement The CRA requires manufacturers to create, maintain, and, where necessary, provide … More → The post Software supply chains are heading for a transparency test appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sbS

Planning a trip? Fake travel sites are multiplying this summer

Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its attack volume since May 2023,” researchers noted, reporting a cumulative increase of 122% over three years. According to the report, 47,318 travel-related domains were registered in May 2026, a 33% increase from the previous month. One … More → The post Planning a trip? Fake travel sites are multiplying this summer appeared first on Help Net Security.
http://news.poseidon-us.com/TT3sZ7

GitHub releases an open dataset for multilingual developer content

Developers coordinate code across README files, issue threads, and pull request discussions. Much of that exchange happens in English, and a large share happens in other languages. GitHub has released a dataset built to help researchers and developers locate public repositories that carry non-English natural-language content. The GitHub Multilingual Repositories Dataset is available on GitHub under the CC0-1.0 license. The release follows a commitment GitHub made in 2025 as part of Microsoft’s European Digital Commitments … More → The post GitHub releases an open dataset for multilingual developer content appeared first on Help Net Security.
http://news.poseidon-us.com/TT3k6Q

Reachability makes AI threat modeling worth the trust

In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks the path to impact on a working build. He shows how a chain of small design choices led to account takeover in a popular open-source project, then covers how to test a vendor’s claims, … More → The post Reachability makes AI threat modeling worth the trust appeared first on Help Net Security.
http://news.poseidon-us.com/TT3gjY