433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server (PMS) is software that allows users to turn their Windows/Linux/macOS computer or their network-attached storage devices into a personal media server. It organizes their movies, music, photos, and other media and enables them to stream the content on nearly … More → The post 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 appeared first on Help Net Security.
http://news.poseidon-us.com/TMjx5b

One Step Ahead: Stark Industries Solutions Preempts EU Sanctions

Before facing EU sanctions in May 2025, Stark Industries Solutions executed a strategic infrastructure overhaul to maintain operations. This report reveals how rebranding, RIPE resource manipulation, and cross-border obfuscation enabled the sanctioned web host to remain resilient — highlighting the persistent challenge of threat activity enablers.
http://news.poseidon-us.com/TMjtvx

NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases

The catalog revision is part of NIST’s response to a recent Executive Order on strengthening the nation’s cybersecurity.
http://news.poseidon-us.com/TMjtZJ

AI agents spark mix of anticipation, skepticism and fear: Workday

Most survey respondents were open to working with AI agents, but only 30% were comfortable with being managed by them.
http://news.poseidon-us.com/TMjjbX

AI Security Map: Linking AI vulnerabilities to real-world impact

A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI system can trigger a chain of business, legal, and societal impacts. Researchers at KDDI Research have developed the AI Security Map to connect those dots, showing how technical failures lead to harm that reaches far … More → The post AI Security Map: Linking AI vulnerabilities to real-world impact appeared first on Help Net Security.
http://news.poseidon-us.com/TMjSzN

How compliance teams can turn AI risk into opportunity

AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. In this Help Net Security interview, Matt Hillary, CISO at Drata, look at how AI is changing the role of governance, risk, and compliance, from handling sensitive data to making compliance a continuous, adaptive process. Are regulators moving fast enough to address the risks and opportunities AI brings … More → The post How compliance teams can turn AI risk into opportunity appeared first on Help Net Security.
http://news.poseidon-us.com/TMjSyf

Hottest cybersecurity open-source tools of the month: August 2025

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches vulnerabilities Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place in DARPA’s AI Cyber Challenge (AIxCC). EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations EntraGoat is a purpose-built tool that sets … More → The post Hottest cybersecurity open-source tools of the month: August 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TMjSxr

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps, and soon voice. The goal is to move beyond legacy phishing tests that rely on email click rates and instead measure resilience across a broader set of real-world attack paths. For CISOs, the launch represents a shift … More → The post What CISOs can learn from Doppel’s new AI-driven social engineering simulation appeared first on Help Net Security.
http://news.poseidon-us.com/TMjSvy