Blog

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system or gain full administrative control of an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. A workaround is available for one of the vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W This advisory is part of the March 2026 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2026-20040,CVE-2026-20046
http://news.poseidon-us.com/TRQy4K

Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending crafted IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process to restart unexpectedly, resulting in a temporary loss of connectivity to advertised networks and a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency.   Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-dos-kDMxpSzK This advisory is part of the March 2026 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2026-20074
http://news.poseidon-us.com/TRQy3y

Fortanix helps enterprises build resilience with multi-sourced quantum entropy

Fortanix announced a new multi-sourced quantum entropy capability within Fortanix Data Security Manager (DSM), enabling enterprises to diversify encryption key generation at the origin of trust. Through partnerships with Qrypt and Quantum Dice, Fortanix integrates independent, physics-based quantum entropy sources directly into its key management workflows, enabling compliance requirements that require multiple entropy sources and extending zero-trust principles to the entropy layer. Encryption remains the bedrock of digital security, but as AI systems, quantum computing … More → The post Fortanix helps enterprises build resilience with multi-sourced quantum entropy appeared first on Help Net Security.
http://news.poseidon-us.com/TRQvPs

Network Map 2.0 provides live network mapping and faster risk containment

Zero Networks has announced Network Map 2.0, an advancement in real-time network mapping designed to help large enterprises eliminate decision paralysis, reduce blast radius and turn visibility into immediate, enforceable action. Network Map 2.0 capability replaces static, point-in-time visualizations that must be generated on demand with a continuously updated, living map of the enterprise. Unlike legacy microsegmentation approaches that rely on delayed, point-in-time analysis of historical data, Network Map 2.0 operates in real-time. It continuously … More → The post Network Map 2.0 provides live network mapping and faster risk containment appeared first on Help Net Security.
http://news.poseidon-us.com/TRQvNB

Vicarius vIntelligence brings continuous risk validation and AI-driven security automation

Vicarius has announced the launch of vIntelligence, a new product that introduces agentic intelligence and continuous validation to the company’s security portfolio. With this release, Vicarius becomes a two-product company. Its flagship platform, vRx, moves beyond detection to provide advanced, native remediation at scale. vIntelligence addresses a different but closely related challenge. While security teams have no shortage of findings, they often lack assurance. vIntelligence was built to continuously validate risk across fragmented security data … More → The post Vicarius vIntelligence brings continuous risk validation and AI-driven security automation appeared first on Help Net Security.
http://news.poseidon-us.com/TRQq32

Meta turns to AI to sniff out scams on Facebook, Messenger and WhatsApp

Meta’s new tools on Facebook, Messenger, and WhatsApp protect users from scams. They use advanced AI systems to analyze text, images, and surrounding context and identify sophisticated scam patterns. Facebook alerts for suspicious friend requests (Source: Meta) The systems detect impersonation of celebrities, public figures, and brands. They also identify deceptive links and domain impersonation and take action against content that redirects people to sites that mimic legitimate ones. “Across our apps, our systems find … More → The post Meta turns to AI to sniff out scams on Facebook, Messenger and WhatsApp appeared first on Help Net Security.
http://news.poseidon-us.com/TRQpyp

Anthropic forms institute to study long-term AI risks facing society

Anthropic has established the Anthropic Institute, a research unit focused on studying the societal effects of AI and informing policy responses to risks from more advanced systems. “In the five years since Anthropic began, AI progress has moved incredibly quickly. It took us two years to release our first commercial model, and just three more to develop models that can discover severe cybersecurity vulnerabilities, take on a wide range of real work, and even begin … More → The post Anthropic forms institute to study long-term AI risks facing society appeared first on Help Net Security.
http://news.poseidon-us.com/TRQkpX