433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as CVE-2026-34078. File system exposure Two additional fixes address file system exposure on the host. CVE-2026-34079 prevents arbitrary file deletion on the host filesystem. GHSA-2fxp-43j9-pwvc prevents arbitrary read-access to files in the system-helper context. The fourth fix, … More → The post Flatpak 1.16.4 fixes sandbox escape and three other security flaws appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMm

Secureframe expands Comply with User Access Reviews for automated governance

Secureframe has announced the launch of User Access Reviews, a new capability within Secureframe Comply. Access reviews are the primary mechanism organizations use to validate that the right people have the appropriate access, but the process has historically been manual, fragmented, and difficult to audit. Most teams still conduct access reviews using exported spreadsheets and email threads, creating accountability gaps and leaving security incidents waiting to happen. User Access Reviews eliminates that risk. The new … More → The post Secureframe expands Comply with User Access Reviews for automated governance appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpM8

What managing partners should ask AI vendors before signing any contract

In this Help Net Security interview, Kumar Ravi is the Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quietly and go unnoticed. He addresses the tension between legal privilege and timely threat-sharing, the challenge of managing fourth-party vendor risk, and the questions firms should ask before adopting AI-native tools. His broader argument: security needs to sit at … More → The post What managing partners should ask AI vendors before signing any contract appeared first on Help Net Security.
http://news.poseidon-us.com/TRwgTT

6G network design puts AI at the center of spectrum, routing, and fault management

Wireless network operators are preparing for a generation of infrastructure where AI is built into the architecture from the start. Sixth-generation networks, expected to reach commercial development over the coming decade, are being designed with AI at the center of how spectrum is allocated, traffic is routed, and failures are detected. A paper by researchers at Harokopio University of Athens examines how different AI techniques map to specific layers of 6G network design, from the … More → The post 6G network design puts AI at the center of spectrum, routing, and fault management appeared first on Help Net Security.
http://news.poseidon-us.com/TRwZqM

OpenSSL 3.6.2 lands with eight CVE fixes

OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KEM RSASVE encapsulation (CVE-2026-31790) and a loss of key agreement group tuple structure when the DEFAULT keyword is used in server-side configuration of the key-agreement group list (CVE-2026-2673). An out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support (CVE-2026-28386) is also … More → The post OpenSSL 3.6.2 lands with eight CVE fixes appeared first on Help Net Security.
http://news.poseidon-us.com/TRwZqL

Cybercriminals move deeper into networks, hiding in edge infrastructure

Attack activity is moving toward infrastructure outside endpoint visibility. Proxy networks support a wide range of operations, edge devices serve as initial access points, and GenAI speeds up how attackers assemble and rebuild their tooling. Lumen’s 2026 Threatscape Report describes this pattern in criminal and nation-state activity. “Threat intelligence is needed to find the adversary as early as possible and as close to the point of origination as possible,” said Chris Kissel, IDC VP, Security … More → The post Cybercriminals move deeper into networks, hiding in edge infrastructure appeared first on Help Net Security.
http://news.poseidon-us.com/TRwZqH

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser

Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. Anthropic’s Claude Mythos Preview, a new general-purpose language model being made available only to a limited group of critical industry partners and open source developers, can autonomously identify zero-day vulnerabilities and then construct working exploits across every major operating system and major web browser. Anthropic’s … More → The post Anthropic’s new AI model finds and exploits zero-days across every major OS and browser appeared first on Help Net Security.
http://news.poseidon-us.com/TRwZqD

Cybersecurity jobs available right now: April 8, 2026

Application Security Engineer Liebherr Group | Germany | On-site – View job details As an Application Security Engineer, you will implement security testing tools such as SAST, DAST, and IAST, perform vulnerability assessments and penetration testing, and collaborate with developers to remediate issues and enforce secure coding practices. You will automate security testing in CI/CD pipelines, monitor threats and incidents, and maintain security documentation and compliance requirements. Application Security Engineer II AppFolio | USA | … More → The post Cybersecurity jobs available right now: April 8, 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TRwZpt