433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and uses them as well to capture real attack attempts and exploits and provide early warning threat intelligence. “Currently marked as not exploited on CISA and other Known Exploited Vulnerabilities (KEV) lists, [CVE-2026-21643] has seen first … More → The post Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvxb

Second data breach at European Commission this year leaves open questions over resilience

The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were taken from the affected websites.There is no indication that the Commission’s internal systems were compromised. “The Commission’s swift response ensured the incident was contained and risk mitigation measures were implemented to protect services and data, without disrupting the … More → The post Second data breach at European Commission this year leaves open questions over resilience appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvxX

IPVanish Threat Protection Pro blocks malicious activity before they reach the user

IPVanish launched Threat Protection Pro, a new feature for Windows and macOS that is designed to provide always-on digital security. Threat Protection Pro is powered by cybersecurity technology from VIPRE, bringing over 25 years of threat intelligence and security expertise into the IPVanish app to deliver advanced, real-time protection against malicious websites, downloads, ads, and trackers, regardless of whether the VPN connection is active. This launch marks the latest advancement in IPVanish’s evolution as a … More → The post IPVanish Threat Protection Pro blocks malicious activity before they reach the user appeared first on Help Net Security.
http://news.poseidon-us.com/TRmvwm

Android 17 tweaks location privacy with one-time access

Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety. Location button overview Android 17 introduces a new UI element called the location button, designed for one-time access to precise location. This feature supports common tasks that do not require persistent or background access, such as finding nearby places or tagging content. Users can customize location … More → The post Android 17 tweaks location privacy with one-time access appeared first on Help Net Security.
http://news.poseidon-us.com/TRmpPc

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00 with a new long-term supported kernel, updated storage tools, and several additions to its command-line toolset. Kernel and storage updates The release moves to Linux 6.18.20, the current long-term supported kernel series. For a recovery distribution that needs to … More → The post SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools appeared first on Help Net Security.
http://news.poseidon-us.com/TRmhxJ

Why risk alone doesn’t get you to yes

I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting someone to act on it. We’re trained to see exposure before they are identified by others. We continually assess likely threats, evaluate impact, and design controls to prevent disruption long before it reaches operations or … More → The post Why risk alone doesn’t get you to yes appeared first on Help Net Security.
http://news.poseidon-us.com/TRmbFL

ShipSec Studio brings open-source workflow orchestration to security operations

Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that arrangement with a dedicated orchestration layer built specifically for security operations. What the platform does ShipSec Studio provides a visual, no-code workflow builder that lets operators connect security tools into automated pipelines without writing glue … More → The post ShipSec Studio brings open-source workflow orchestration to security operations appeared first on Help Net Security.
http://news.poseidon-us.com/TRmXB0