433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this vulnerability by sending a crafted message to an affected Cisco SSM On-Prem host and retrieving session credentials from subsequent status messages. A successful exploit could allow the attacker to elevate privileges on the affected system from low to administrative. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of System User. Note: This vulnerability exposes information only about users who logged in to the Cisco SSM On-Prem host using the web interface and who are currently logged in. SSH sessions are not affected. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8 Security Impact Rating: High CVE: CVE-2026-20151
http://news.poseidon-us.com/TRqBH7

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization checks on a REST API endpoint of an affected device. An attacker could exploit this vulnerability by querying the affected endpoint. A successful exploit could allow the attacker to view session information of active Cisco EPNM users, including users with administrative privileges, which could result in the affected device being compromised. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-improp-auth-mUwFWUU3 Security Impact Rating: High CVE: CVE-2026-20155
http://news.poseidon-us.com/TRqBH5

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB Security Impact Rating: Medium CVE: CVE-2026-20085,CVE-2026-20087,CVE-2026-20088,CVE-2026-20089,CVE-2026-20090
http://news.poseidon-us.com/TRqBH2

Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials. Note: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ Security Impact Rating: Medium CVE: CVE-2026-20174
http://news.poseidon-us.com/TRqBFf

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn Security Impact Rating: Critical CVE: CVE-2026-20093
http://news.poseidon-us.com/TRqBDM

North Korean hackers linked to Axios npm supply chain compromise

The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers. Links to UNC1069 On March 31, 2026, unknown attackers managed to publish two backdoored Axios npm packages after gaining access to a maintainer’s npm account. The malicious versions introduced a hidden dependency containing a post-install script, and this script executed automatically during installation … More → The post North Korean hackers linked to Axios npm supply chain compromise appeared first on Help Net Security.
http://news.poseidon-us.com/TRq7PF

Exabeam expands ABA to detect AI agent threats across ChatGPT, Copilot, and Gemini

Exabeam has announced the expansion of Exabeam Agent Behavior Analytics (ABA). Without direct visibility into how employees use AI assistants, what they query, what data they share, how frequently they interact, and from where, organizations cannot establish a baseline for normal AI behavior, investigate potential misuse, or detect emerging agentic insider threats. New support to detect agent behavior in OpenAI ChatGPT and Microsoft Copilot, alongside existing visibility into Google Gemini, transforms these agentic services into … More → The post Exabeam expands ABA to detect AI agent threats across ChatGPT, Copilot, and Gemini appeared first on Help Net Security.
http://news.poseidon-us.com/TRq7P1

CIS Benchmarks March 2026 Update

The following CIS Benchmarks and CIS Build Kits have been updated or recently released. The Center for Internet Security has highlighted the major updates below. Each Benchmark and Build Kit includes a changelog that references all changes. Updated CIS Benchmarks overview CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0 CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0 CIS Apache Cassandra 5.0 Benchmark v1.1.0 CIS Apache Cassandra 4.1 Benchmark v1.2.0 CIS Apache Cassandra 4.0 Benchmark v1.3.0 CIS Microsoft … More → The post CIS Benchmarks March 2026 Update appeared first on Help Net Security.
http://news.poseidon-us.com/TRq7N0

A 200-year-old light trick just transformed quantum encryption

Scientists have unveiled a new approach to ultra-secure communication that could make quantum encryption simpler and more efficient than ever before. By harnessing a 19th-century optics phenomenon called the Talbot effect, researchers developed a system that sends information using multiple states of single photons instead of just two, dramatically boosting data capacity. Even more impressive, the setup works with standard components and requires only a single detector, reducing cost and complexity.
http://news.poseidon-us.com/TRq1R6

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers). CVE-2026-5281’s official description says it’s a use-after-free (UAF) vulnerability in Dawn, an open-source and cross-platform implementation of the WebGPU standard that’s used in Chromium and Chromium-based browsers. The vulnerability affects … More → The post Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281) appeared first on Help Net Security.
http://news.poseidon-us.com/TRpw4B