Blog

Open-source server management platform Proxmox VE 9.0 released

Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the long-awaited support for snapshots on thick-provisioned LVM shared storage, improving storage management capabilities especially for enterprise users with Fibre Channel (FC) or iSCSI SAN environments. With newly added “fabric” support for Software-Defined Networking (SDN), administrators can construct highly complex and scalable network architectures. Highlights in Proxmox Virtual Environment 9.0 Debian 13 “Trixie” at the … More → The post Open-source server management platform Proxmox VE 9.0 released appeared first on Help Net Security.
http://news.poseidon-us.com/TML1JQ

SpyCloud adds AI Insights to Investigations, speeds insider and identity threat detection

SpyCloud has introduced enhancements to its SaaS Investigations solution, integrating advanced AI-powered insights that mirror the tradecraft of SpyCloud’s seasoned investigators. Building on the foundation of its IDLink identity analytics, this new capability further automates and accelerates complex cybercrime investigations, empowering security operations, cyber threat intelligence, and fraud and risk prevention teams to uncover critical findings faster than ever to combat evolving identity threats, including employment fraud. SpyCloud Investigations with AI Insights marks a pivotal … More → The post SpyCloud adds AI Insights to Investigations, speeds insider and identity threat detection appeared first on Help Net Security.
http://news.poseidon-us.com/TML1Gw

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)

Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch is still in the works and is expected to be released around the middle of August 2025. But the company has provided a “fix tool” that mitigates the risk of exploitation in the short term – though … More → The post Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) appeared first on Help Net Security.
http://news.poseidon-us.com/TML1G9

Descope enhances AI identity security with Agentic Identity Control Plane

Descope launched Agentic Identity Control Plane, a solution that enables security teams to institute policy-based governance, auditing, and identity management for their AI agent and Model Context Protocol (MCP) ecosystems. The Agentic Identity Control Plane builds on top of the existing Descope Agentic Identity Hub to mark a huge step forward in Descope’s vision of becoming the identity provider for AI agents. As AI agents, LLMs, and MCP servers continue gaining rapid adoption, security leaders … More → The post Descope enhances AI identity security with Agentic Identity Control Plane appeared first on Help Net Security.
http://news.poseidon-us.com/TML16C

Who Got Arrested in the Raid on the XSS Crime Forum?

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the unnamed suspect, but the consensus is that he is a pivotal figure in the crime forum scene who goes by the hacker handle “Toha.” Here’s a deep dive on what’s knowable about Toha, and a short stab at who got nabbed.
http://news.poseidon-us.com/TMKxGj

5 White House AI roadmap takeaways for CIOs

Experts say the deregulatory direction gives executives a confidence boost to accelerate strategies, but questions remain about execution.
http://news.poseidon-us.com/TMKsNR

MIND launches autonomous DLP platform to put data protection on autopilot

MIND announced the general availability of the first autonomous DLP platform, enabling security teams to safely use GenAI, go beyond compliance, and automate data protection across all IT environments by reducing manual work and preventing sensitive data leaks. Built from the ground up as an AI-native DLP platform to automate the entire lifecycle of data protection, MIND delivers: Data discovery: Automated and continuous inventory of sensitive data at rest and user/agentic AI/non-human activities to remove … More → The post MIND launches autonomous DLP platform to put data protection on autopilot appeared first on Help Net Security.
http://news.poseidon-us.com/TMKs7J

Black Kite launches Adversary Susceptibility Index to expose vendor threat actor risk

Black Kite has unveiled the Adversary Susceptibility Index (ASI), a tool designed for TPRM teams to proactively identify which vendors are most vulnerable to specific threat actors before threats escalate into breaches. “With high-profile threats like Volt Typhoon, Black Basta, and APT29, security teams cannot wait for weeks to respond,” said Ferhat Dikbiyik, Chief Research and Intelligence Officer, Black Kite. “As threat actors become more targeted and sophisticated, third-party risk teams need tools that reflect the … More → The post Black Kite launches Adversary Susceptibility Index to expose vendor threat actor risk appeared first on Help Net Security.
http://news.poseidon-us.com/TMKs6C

Cybersecurity and the development of software-defined vehicles

In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, undergirded by an implicit assumption: “If it’s safe, it must be secure.” But that’s not necessarily always the case. As so many chief information and product security officers across the industry have seen, a vehicle deemed functionally safe under ISO 26262 can be highly vulnerable to cyber threats, especially … More → The post Cybersecurity and the development of software-defined vehicles appeared first on Help Net Security.
http://news.poseidon-us.com/TMKs3L

Do sextortion scams still work in 2025?, (Wed, Aug 6th)

Sextortion e-mails have been with us for quite a while, and these days, most security professionals tend to think of them more in terms of an “e-mail background noise” rather than as if they posed any serious threat. Given that their existence is reasonably well-known even among general public, this viewpoint would seem to be justified… But are sextortion messages really irrelevant as a threat at this point, and can we therefore safely omit this topic during security awareness trainings?
http://news.poseidon-us.com/TMKqXj