Blog

TeamPCP’s attack spree slows, but threat escalates with ransomware pivot

TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and there haven’t been reports of new open-source project compromises. Partnership with emerging RaaS operation “The prior operational cadence was aggressive – a new target every 1-3 days (Trivy [on] March 19, CanisterWorm [on] March 20-22, Checkmarx [on] March 23, LiteLLM [on] March 24, Telnyx [on] March 27),” … More → The post TeamPCP’s attack spree slows, but threat escalates with ransomware pivot appeared first on Help Net Security.
http://news.poseidon-us.com/TRn400

Diligent automates time-consuming steps in third-party reviews

Diligent launched of Third-Party Risk Intel, an agentic due diligence and intelligence solution that automates the most time-consuming steps of third-party reviews, delivering up to 80% time savings for compliance, legal, and procurement teams. The launch builds on the company’s recent acquisition of 3rdRisk, an AI-native third-party risk management solution that gives organizations a near real-time view of their external ecosystem, how critical vendors are performing, and what that means for their overall risk posture. … More → The post Diligent automates time-consuming steps in third-party reviews appeared first on Help Net Security.
http://news.poseidon-us.com/TRn3zm

Coro launches MCP capabilities to simplify security operations through AI workflows

Coro has announced new Model Context Protocol (MCP) capabilities that extend its AI-driven security platform beyond the Coro interface, allowing users to access, analyze, and take action on security data directly from tools like ChatGPT, Claude, and other AI environments. Coro enables teams to interact with and act on security data without switching tools or navigating complex dashboards, which is important for organizations increasingly relying on AI assistants to manage daily workflows. Coro’s MCP integration … More → The post Coro launches MCP capabilities to simplify security operations through AI workflows appeared first on Help Net Security.
http://news.poseidon-us.com/TRn3zN

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and uses them as well to capture real attack attempts and exploits and provide early warning threat intelligence. “Currently marked as not exploited on CISA and other Known Exploited Vulnerabilities (KEV) lists, [CVE-2026-21643] has seen first … More → The post Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvxb

Second data breach at European Commission this year leaves open questions over resilience

The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were taken from the affected websites.There is no indication that the Commission’s internal systems were compromised. “The Commission’s swift response ensured the incident was contained and risk mitigation measures were implemented to protect services and data, without disrupting the … More → The post Second data breach at European Commission this year leaves open questions over resilience appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvxX

IPVanish Threat Protection Pro blocks malicious activity before they reach the user

IPVanish launched Threat Protection Pro, a new feature for Windows and macOS that is designed to provide always-on digital security. Threat Protection Pro is powered by cybersecurity technology from VIPRE, bringing over 25 years of threat intelligence and security expertise into the IPVanish app to deliver advanced, real-time protection against malicious websites, downloads, ads, and trackers, regardless of whether the VPN connection is active. This launch marks the latest advancement in IPVanish’s evolution as a … More → The post IPVanish Threat Protection Pro blocks malicious activity before they reach the user appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvwm

Android 17 tweaks location privacy with one-time access

Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety. Location button overview Android 17 introduces a new UI element called the location button, designed for one-time access to precise location. This feature supports common tasks that do not require persistent or background access, such as finding nearby places or tagging content. Users can customize location … More → The post Android 17 tweaks location privacy with one-time access appeared first on Help Net Security.
http://news.poseidon-us.com/TRmpPc

David’s Bridal reshapes C-suite for the AI era

The retailer named a CTO, chief global transformation and operations officer as it works to scale technology, AI, operations and revenue
http://news.poseidon-us.com/TRmnwh