Blog

Treating AI agents like service accounts for federated query security

In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics include layering Starburst’s access controls above native source permissions, tiering vendor risk across more than 200 partners and connectors, and building audit trails for autonomous agents. The conversation covers how AIDA turns natural language into SQL while guarding against prompt injection, and how the company treats AI agents querying through MCP … More → The post Treating AI agents like service accounts for federated query security appeared first on Help Net Security.
http://news.poseidon-us.com/TSxkrd

Malware ships with bugs that defenders could use against it

Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these tools across 658 leaked malware projects and found that close to 90 percent contained at least one recognized software weakness. The malware code came from VX-Underground, a public repository of leaked samples. The scanners were Cppcheck, … More → The post Malware ships with bugs that defenders could use against it appeared first on Help Net Security.
http://news.poseidon-us.com/TSxkqR

The security questions around Chinese AI coding models in U.S. software

Software developers across the United States are using AI models built in China to write, debug, and review code, drawn by prices below those of American alternatives. These models carry risks for the security of American software, according to a report from Booz Allen Hamilton, which tested how the models respond when the user appears to work for the U.S. government. What the testing covered In May 2026, Booz Allen ran more than 2,800 trials … More → The post The security questions around Chinese AI coding models in U.S. software appeared first on Help Net Security.
http://news.poseidon-us.com/TSxgcX

Cybersecurity jobs available right now: June 9, 2026

Application Security Architect INTENSITY Global Group | Israel | Hybrid – View job details As an Application Security Architect, you will design secure application architectures, perform threat modeling and security assessments, define security standards and controls, integrate security into the SDLC and CI/CD pipelines, support application security tooling and incident response, and guide engineering teams on secure development practices. Application Security Engineer HealthHero | United Kingdom | Hybrid – View job details As an Application … More → The post Cybersecurity jobs available right now: June 9, 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TSxgbx

Choice Hotels promotes exec as CTO to support AI buildout

Tony Pallas, who spent more than 10 years modernizing the hospitality company’s tech stack, will work to advance AI capabilities in his new role.
http://news.poseidon-us.com/TSxVdb

AI deployment plans are catching leaders underprepared

Embedding control and creating visibility into AI systems will allow leaders to scale confidently, Matt Lyteson, IBM CIO said.
http://news.poseidon-us.com/TSxSyp

Meta claims NSO Group still targets WhatsApp users despite court order

Meta claims it disrupted spear-phishing attempts linked to NSO Group and is asking a US federal court to hold the spyware vendor in contempt for allegedly violating an injunction that bars it from targeting WhatsApp and its users. “We successfully disrupted NSO-linked social engineering attempts after investigating user reports,” Meta stated. “They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click … More → The post Meta claims NSO Group still targets WhatsApp users despite court order appeared first on Help Net Security.
http://news.poseidon-us.com/TSxR1V

How the CDC is building the data infrastructure U.S. public health needs

CDC’s Office of Public Health Data, Surveillance and Technology is on a mission to build a smarter, faster, more connected public health data infrastructure.
http://news.poseidon-us.com/TSxPJj

Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows

Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of monthly Windows operating system updates. The rollout started for Windows 10 devices in late May 2026 and will expand to Windows 11 and other supported Windows versions later this year. Microsoft expects deployment to be completed by fall 2026. Organizations whose devices receive updates through Microsoft Update do not need to take any action. Those … More → The post Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows appeared first on Help Net Security.
http://news.poseidon-us.com/TSxKd0

Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts

Meta has revealed that attackers hijacked 20,225 Instagram accounts by exploiting a flaw in the company’s AI-assisted account recovery system. According to the company, a vulnerability in High Touch Support (HTS) allowed unauthorized parties to perform password resets on Instagram accounts. HTS is an AI-assisted account recovery system for Instagram designed to help users regain access to locked accounts. Users can request password reset links through the support workflow when they lose access to their … More → The post Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TSx9KF