433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Turns out the C-suite loves shadow AI

Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, according to TrustedTech’s Shadow AI in the Workplace report. The study found that 65% of decision-makers use shadow AI, compared with 31% of employees below decision-maker level. Net Shadow AI use (Source: TrustedTech) The data suggests that shadow AI is not mainly driven by junior employees experimenting … More → The post Turns out the C-suite loves shadow AI appeared first on Help Net Security.
http://news.poseidon-us.com/TSj6yb

Scientists discover atoms suddenly spinning backward in quantum experiment

Scientists have directly watched angular momentum move through a crystal for the very first time — and discovered a bizarre twist along the way. Using ultra-powerful terahertz laser pulses, researchers triggered tiny atomic rotations inside a quantum material and found that the direction of rotation can unexpectedly flip as momentum is transferred. The strange reversal happens because of the crystal’s underlying symmetry, creating an almost impossible-sounding effect where two rotations combine into one spinning the opposite way.
http://news.poseidon-us.com/TShhN2

Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. Earbud sensors can authenticate users by their heartbeat, study finds Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes … More → The post Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited appeared first on Help Net Security.
http://news.poseidon-us.com/TShh8C

$20 per zero-day is already the WordPress plugin reality

Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three days by researchers from TrendAI and CHT Security supplies an answer, along with a price tag that the security industry will have to reckon with. The system, presented at Ekoparty Miami, pairs AI-driven static analysis with automated Docker provisioning and dynamic verification through Chrome DevTools MCP. … More → The post $20 per zero-day is already the WordPress plugin reality appeared first on Help Net Security.
http://news.poseidon-us.com/TSgX72

Deleted Google API keys keep working for up to 23 minutes, researchers warn

Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make API calls, rack up charges, and, if Gemini is enabled, access uploaded files and cached conversations. The assumed fix is simple: delete the key. But Aikido Security has found that deletion doesn’t actually work right away. The testing The researcherd found successful authentications up to 23 … More → The post Deleted Google API keys keep working for up to 23 minutes, researchers warn appeared first on Help Net Security.
http://news.poseidon-us.com/TSgRsW