433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability for which Microsoft issued patches last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed since March 19, 2025, potentially allowing attackers to leak NTLM hashes or user passwords and compromise systems,” Check Point researchers have shared.
About CVE-2025-24054
CVE-2025-24054 allows attackers to capture the NTLMv2 response (i.e., the NTLMv2-SSP … The post Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) appeared first on Help Net Security.
http://news.poseidon-us.com/TKCmll

Infrastructure permitting agencies have 45 days to develop modernization plans

The action plan also will provide a roadmap for creating a unified interagency permitting and environmental review data system. The post Infrastructure permitting agencies have 45 days to develop modernization plans first appeared on Federal News Network.
http://news.poseidon-us.com/TKCmRm

Why CIOs should prioritize IT modernization

Technology leaders must find ways to maximize productivity gains while minimizing disruption as they choose the most pressing upgrades.
http://news.poseidon-us.com/TKChBM

Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)

Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.”
CVE-2025-31200 and CVE-2025-31201
CVE-2025-31200 affects CoreAudio, an API Apple devices use for processing audio. The memory corruption vulnerability can be triggered with a maliciously crafted media file: when the audio stream in it is processed, it allows attackers to execute malicious … The post Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) appeared first on Help Net Security.
http://news.poseidon-us.com/TKCfQM

Cyber threats against energy sector surge as global tensions mount

Cyberattacks targeting the energy sector are increasing, driven by a host of geopolitical and technological factors. A report published by Sophos in July 2024, which surveyed 275 cybersecurity and IT leaders from the energy, oil/gas, and utilities sector across 14 countries, found that 67% of respondents said their organizations had suffered a ransomware attack in the last year. While Sophos’ figure remained steady year-over-year, a January 2025 report authored by Trustwave said that ransomware … The post Cyber threats against energy sector surge as global tensions mount appeared first on Help Net Security.
http://news.poseidon-us.com/TKCfPX

Gurucul introduces self-driving SIEM powered by AI enhancements

Gurucul announced a quantum leap forward with a self-driving SIEM powered by extensive AI enhancements and infused within a revamped AI-centric user interface for improved and effective execution of collect, detect, investigate, threat hunt and response workflows to its Unified Data and Security Analytics Platform—REVEAL. Supercharged with multiple AI agents throughout the entire threat management lifecycle, these new autonomous capabilities greatly reduce intensive engineering, maintenance and operational tasks, resulting in a “self-driving” SIEM that augments … The post Gurucul introduces self-driving SIEM powered by AI enhancements appeared first on Help Net Security.
http://news.poseidon-us.com/TKCWtk

Symbiotic Security v1 empowers developers to write secure code

Symbiotic Security launched Symbiotic Security version 1, which ensures code security keeps pace with development speed by using AI to secure code in real-time through remediation and training integrated within developers’ workflows. Symbiotic Security v1 empowers developers to write secure code from the outset during the development process, and maximize the productivity gains of AI-assisted coding. Its intelligent detection and remediation identifies vulnerabilities in real-time, instantly providing secure code suggestions that developers can accept, modify, … The post Symbiotic Security v1 empowers developers to write secure code appeared first on Help Net Security.
http://news.poseidon-us.com/TKCT14

Ebryx LLMSec protects LLMs and autonomous AI agents in production environments

Ebryx launched LLMSec — a suite of specialized security services designed to protect Large Language Models (LLMs) and autonomous AI agents in production environments.
The new risk landscape for AI builders
From OpenAI-based copilots to autonomous agents built with LangChain or CrewAI, LLMs are revolutionizing development. But their complexity introduces unique vulnerabilities:
Prompt injection & jailbreaking – Malicious prompts can hijack model behavior
Data leakage – Sensitive information exposed through model outputs
Agent misuse – …
The post Ebryx LLMSec protects LLMs and autonomous AI agents in production environments appeared first on Help Net Security.
http://news.poseidon-us.com/TKCSzs

When AI agents go rogue, the fallout hits the enterprise

In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord calls for oversight, continuous monitoring, and human-in-the-loop controls to combat these threats.
Many AI agents are built on foundation models or LLMs. How do the inherent unpredictabilities of these models—like hallucinations or prompt injections—translate into risks … The post When AI agents go rogue, the fallout hits the enterprise appeared first on Help Net Security.
http://news.poseidon-us.com/TKCQ0y

Microsoft vulnerabilities: What’s improved, what’s at risk

Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and more complex ecosystems. But one of the more telling metrics for CISOs is not just how many bugs were found — it’s how dangerous they were. In that regard, the data offers some good news. … The post Microsoft vulnerabilities: What’s improved, what’s at risk appeared first on Help Net Security.
http://news.poseidon-us.com/TKCQ0H