433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or disable it entirely (if Microsoft pushes a major Defender update). And, according to Huntress researchers, all three exploitation techniques have … More → The post Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild appeared first on Help Net Security.
http://news.poseidon-us.com/TS4xkk

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics

GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics. AI-generated code moves faster than the systems around it can keep up with, creating the AI paradox: faster code generation without faster delivery, security, or operations to match. As code volume grows, so does the backlog of pipelines to configure, security findings to remediate, and delivery questions to answer. GitLab 18.11 helps address those … More → The post GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics appeared first on Help Net Security.
http://news.poseidon-us.com/TS4vHT

Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery

Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced network discovery, and deeper identity mapping, extending its system of authority for asset intelligence across the full IT stack. Without a trusted foundation of asset intelligence, automation runs on assumptions, AI agents query stale data, and security gaps go undetected. LiongardIQ is that foundation, continuously discovering and monitoring every asset, identity, and configuration across the IT stack. “The … More → The post Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery appeared first on Help Net Security.
http://news.poseidon-us.com/TS4vFs

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control

For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an alternative to externally hosted AI services with Thunderbolt, an open-source AI client designed for self-hosted use. Thunderbolt is available through a waitlist, with native applications for web, macOS, Windows, Linux, iOS, and Android. Its source code is published on GitHub. Mozilla says Thunderbolt “gives organizations what proprietary AI services can’t,” … More → The post Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control appeared first on Help Net Security.
http://news.poseidon-us.com/TS4sbD

Codex can now operate between apps. Where are the boundaries?

OpenAI is rolling out a major update to the Codex desktop app for users signed in with ChatGPT. Personalization features, including context-aware suggestions and memory, will roll out to Enterprise, Edu, and users in the EU and UK soon. Computer use is initially available on macOS and will expand to EU and UK users in the near future. Screenshot of Codex computer use on Mac (Source: OpenAI) The update expands Codex into a more capable … More → The post Codex can now operate between apps. Where are the boundaries? appeared first on Help Net Security.
http://news.poseidon-us.com/TS4sZS

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits

Google shipped Android 17 Beta 4 on April 16, marking the last scheduled beta in the Android 17 release cycle. The build targets app compatibility testing and platform stability ahead of the final release, and it carries several behavior changes that developers need to account for before the stable version ships. Supported Pixel devices can enroll in the Android Beta program to receive the update over the air. Developers without a Pixel device can use … More → The post Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits appeared first on Help Net Security.
http://news.poseidon-us.com/TS4lm7

Apple AirTag tracking can be misled by replayed Bluetooth signals

Apple’s AirTag is designed to help users track lost items by relying on a vast network of nearby Apple devices. New research shows that this same system can be manipulated to display locations where an AirTag has never been. Relaying an AirTag’s BLE advertisments over the Internet injects false location reports into the Find My system How the attack works The Find My network depends on Bluetooth Low Energy (BLE) signals broadcast by AirTags. When … More → The post Apple AirTag tracking can be misled by replayed Bluetooth signals appeared first on Help Net Security.
http://news.poseidon-us.com/TS4jlW