433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Nexus Dashboard Path Traversal Vulnerability

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to gain root privileges on the underlying shell on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ptrs-XU2Fm2Wb
Security Impact Rating: Medium
CVE: CVE-2025-20344
http://news.poseidon-us.com/TMk1K3

How Threat Actors Are Rizzing Up Your AI for Profit

Cybercriminals are hijacking generative AI using SEO-poisoned content and advanced Traffic Distribution Systems (TDS). Discover how LLMs are being weaponized for malware, slopsquatting, and prompt injection—and what defenders must do now.
http://news.poseidon-us.com/TMjyFF

AI is becoming a core tool in cybercrime, Anthropic warns

A new report from Anthropic shows how criminals are using AI to actively run parts of their operations. The findings suggest that AI is now embedded across the full attack cycle, from reconnaissance and malware development to fraud and extortion. The report is based on real cases where Anthropic’s models were misused. It provides an unusual view into how attackers are adapting and building AI into every stage of their operations. While the focus is …
Source: Help Net Security.
http://news.poseidon-us.com/TMjx9B

Unit21 BYOA automates fraud and AML tasks

Unit21 has launched its Build Your Own Agent (BYOA) for banks, credit unions, and fintechs. The product enables risk and compliance teams to automate fraud and AML tasks, turning hours of manual data gathering, sorting and sifting into just minutes of analysis and action. Unit21’s no-code BYOA integrates custom AI agents into your most common fraud and AML workflows, such as sanctions, transaction monitoring, and check fraud, while delivering structured, explainable insights directly into alert …
Source: Help Net Security.
http://news.poseidon-us.com/TMjx7R

Qwiet AI empowers developers in shipping secure software faster

Qwiet AI has unveiled updates to its application security platform. These updates, which include expanded integrations across Azure DevOps, Azure Boards, and GitHub, and the introduction of new AI-powered AutoFix capabilities and an enhanced user experience, are set to revolutionize how development and security teams release secure applications. By empowering teams to release secure applications at the speed of innovation without disrupting developer workflows, these updates promise a more comfortable and user-friendly experience. The latest …
Source: Help Net Security.
http://news.poseidon-us.com/TMjx76

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex issued a fix earlier this month, Censys has warned.
About CVE-2025-34158
Plex Media Server (PMS) is software that allows users to turn their Windows/Linux/macOS computer or their network-attached storage devices into a personal media server. It organizes their movies, music, photos, and other media and enables them to stream the content on nearly …
Source: Help Net Security.
http://news.poseidon-us.com/TMjx5b

One Step Ahead: Stark Industries Solutions Preempts EU Sanctions

Before facing EU sanctions in May 2025, Stark Industries Solutions executed a strategic infrastructure overhaul to maintain operations. This report reveals how rebranding, RIPE resource manipulation, and cross-border obfuscation enabled the sanctioned web host to remain resilient — highlighting the persistent challenge of threat activity enablers.
http://news.poseidon-us.com/TMjtvx

NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases

The catalog revision is part of NIST’s response to a recent Executive Order on strengthening the nation’s cybersecurity.
http://news.poseidon-us.com/TMjtZJ

AI agents spark mix of anticipation, skepticism and fear: Workday

Most survey respondents were open to working with AI agents, but only 30% were comfortable with being managed by them.
http://news.poseidon-us.com/TMjjbX