Blog – Page 191 – VigilantAI

April 26, 2025
No Comments

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

April 25, 2025
No Comments

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

April 25, 2025
No Comments

Why NHIs Are Security’s Most Dangerous Blind Spot

April 25, 2025
No Comments

SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers

April 25, 2025
No Comments

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

April 25, 2025
No Comments

DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

April 24, 2025
No Comments

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware

April 24, 2025
No Comments

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

April 24, 2025
No Comments

159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure

April 24, 2025
No Comments

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The evolution of cyber risk: Addressing geopolitical threats May 13, 2026
Ransomware, data breaches, phishing schemes—cyber attacks can take many forms. Traditionally, the motive of these attackers can often be traced back to some sort of tangible goal. An attacker may want to extort some financial gain from a business, while another may seek to gather sensitive information to commit other crimes, like fraud. Any breach […]
Avani Desai
Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak May 12, 2026
An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students gear up for finals. This poses a serious threat to the personal data of millions of students and teachers. Multiple institutions reported outages affecting the web-based Canvas platform on Thursday, with […]
Kirsten Doyle
Zara Owner Inditex Confirms Customer Data Breach Affecting Nearly 200,000 People May 11, 2026
Fashion retailer Inditex, the parent company of Zara, has confirmed unauthorized access to customer transaction databases hosted by a third-party provider. Data breach notification service Have I Been Pwned said approximately 197,400 unique email addresses were included in the leaked dataset. The company said it had launched security protocols and notified the relevant authorities following the incident, Reuters […]
Kirsten Doyle
Online Safety Act failing to deliver “step change” for children, report warns May 11, 2026
A new report published by Internet Matters, reveals that the Online Safety Act (OSA) in the UK, although bringing visibility of online safety tools, does not seem to be living up to expectations of providing the much-needed “meaningful protection from harm.” In their report titled The Online Safety Act: Are Children Safer Online?, Internet Matters has highlighted a […]
Kirsten Doyle
Investigating the aftermath: understanding digital forensics after a cyber incident May 7, 2026
Successfully recovering your business from a cyberattack often requires much more than just loading up backups. Although your first instinct is likely to prioritize normal operations as quickly as possible, there’s also the important process of taking a detailed look at events before moving forward. Taking the time to investigate past events helps you understand […]
Nazy Fouladirad
“Recovery Is the New Prevention”: a Q&A with CSO of Health-ISAC, Errol Weiss May 7, 2026
Errol Weiss spent fourteen years in banking and finance before joining Health-ISAC, where he serves as Chief Security Officer. His career has tracked a quiet but profound shift in how critical sectors think about cyber defense, away from prevention at all costs, toward resilience and rapid recovery. In a conversation with Joe Pettit, Weiss explains why treating attacks as inevitable changes […]
Errol Weiss and Joe Pettit
Trelix admits breach on a ‘portion’ of its source code repository May 7, 2026
Trellix has disclosed unauthorized access to a portion of its source code repository. However, it did not specify which portion of its source code was accessed, nor did it provide many further details about the incident. “Upon learning of this matter, we immediately began working with leading forensic experts to resolve it. We have also notified law enforcement,” the company said in a statement. Based on its investigation to date, Trellix added […]
Kirsten Doyle
Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts May 6, 2026
Security operations centers (SOCs) operate under a difficult reality where there are far more security alerts than human analysts available to investigate them. As organizations expand their digital environments and deploy more security tools, alert volume continues to grow faster than teams can realistically manage. AI is really just another layer that accelerates the volume […]
Mitchem Boles
Microsoft Edge Found Holding Saved Credentials in Plaintext Memory May 6, 2026
Security researcher Tom Jøran Sønstebyseter Rønning, posting as @L1v1ng0ffTh3L4N, has revealed that Microsoft Edge decrypts every saved password at startup and holds all of them in process memory, in cleartext, for the entire browser session. He says this includes passwords for sites the user is visiting as well as every credential the user’s ever saved. The passwords are held in memory from the moment Edge […]
Kirsten Doyle
US weighs slashing vulnerability patching deadlines as AI-driven threats accelerate May 6, 2026
There are discussions in US cybersecurity circles to radically shorten the time given to government agencies to fix software vulnerabilities currently being exploited, especially amid concerns about the growing use of artificial intelligence-based attacks. According to a report by Reuters, there are talks of reducing the time frame from the current two or three weeks down to just three days, dramatically raising the pace of defensive operations across government systems. These conversations, initiated by CISA and the […]
Kirsten Doyle