Blog – Page 44 – VigilantAI

May 30, 2025
No Comments

New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data

May 30, 2025
No Comments

From the “Department of No” to a “Culture of Yes”: A Healthcare CISO’s Journey to Enabling Modern Care

May 30, 2025
No Comments

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

May 30, 2025
No Comments

U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud

May 30, 2025
No Comments

ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach

May 30, 2025
No Comments

Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas

May 29, 2025
No Comments

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

May 29, 2025
No Comments

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

May 29, 2025
No Comments

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints

May 29, 2025
No Comments

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

What JPMorgan gets right about AI security — and why storage must catch up August 27, 2025
JPMorgan’s open letter to technology vendors isn’t just another security advisory — it’s a watershed moment for enterprise AI adoption. When the world’s largest bank publicly demands that providers “urgently reprioritize security,” it signals a fundamental shift in how businesses will evaluate AI systems going forward. Though the message was originally aimed at SaaS providers, […]
Giorgio Regni
Critical Docker Desktop Flaw Exposes Host Systems to Malicious Containers August 27, 2025
Containers are supposed to isolate and keep things in their lane. But a new vulnerability proves that line is fragile. CVE-2025-9074 affects Docker Desktop on Windows and macOS. A malicious container can reach the Docker Engine, launch other containers, mount the host filesystem, and escalate privileges to admin. The score is 9.3. It is critical. […]
Kirsten Doyle
New ZipLine Campaign Exploits Contact Forms to Target US Supply Chains August 27, 2025
Bad actors are patient. They know trust takes time. With ZipLine, they have turned patience into a weapon. Check Point Research has uncovered a campaign aimed at U.S. manufacturers and supply-chain critical industries. The trick is simple, yet unusual. The attacker does not send the first email. Instead, they use the target’s own “Contact Us” […]
Kirsten Doyle
Farmers Insurance Breach Exposing 1.1 Million Customers August 27, 2025
Farmers Insurance has confirmed a breach affecting more than 1.07 million customers nationwide. The intrusion traces to a third-party vendor and links to a broader wave of attacks targeting Salesforce environments. Google, Cisco, Adidas, Qantas, and Allianz have also fallen victim. The breach began on 29 May. Farmers’ notification explains: “One of Farmers’ third-party vendors […]
Kirsten Doyle
Fortinet Uncovers Phishing Campaign Targeting Companies via UpCrypter August 27, 2025
Researchers recently uncovered a worldwide phishing scam that leverages highly convincing phishing emails to deliver a malware dropper called UpCrypter. According to Fortinet FortiGuard Labs, the detection count has doubled within a timespan of two weeks; an alarming rate of growth. Researcher Cara Lin observed, “This is not just about stealing email logins, but is […]
Katrina Thompson
AI and Supply Chain Transparency Redefine Embedded Software Security in 2025 August 27, 2025
The embedded software world is undergoing one of its most profound shifts in decades, according to Black Duck’s State of Embedded Software Quality and Safety 2025 report. The global survey of 785 developers, managers, and security professionals reveals the two major forces reshaping the industry: the rapid adoption of AI for development, and the growing […]
Josh Breaker Rolfe
Malicious Go Module Sends Stolen SSH Credentials to Telegram August 26, 2025
A Go package disguised as an SSH brute forcer has been caught stealing credentials and sending them straight to a Telegram bot controlled by a Russian-speaking threat actor. Socket’s Threat Research Team found the package, called golang-random-ip-ssh-bruteforce, still live on GitHub and the Go Module registry. It claims to be a “fast” SSH brute forcer. […]
Kirsten Doyle
The Technologies Redefining UK, European, and NATO Defence August 26, 2025
The United Kingdom is sharpening its defence posture. Five technologies stand at the heart of this effort. While the industry’s heavyweights continue to supply capability, fresh value lies with early to mid-stage firms. These smaller players, often led by veterans and security professionals, move fast. They innovate, adapt, and bring new answers to complex military […]
Kirsten Doyle
Reflections on the Web: Threats, AI, and the Road Ahead August 26, 2025
The web began quietly. A few servers, a handful of users, a few ideas. It promised knowledge at the speed of light. But as the connections multiplied, so did the shadows. Each innovation brings progress, but also vulnerability. Today, the internet is no longer a tool; it is a living, sprawling ecosystem. And its evolution […]
Kirsten Doyle
CrowdStrike Thwarts Malvertising Drive for SHAMOS on macOS August 25, 2025
Between June and August this year, CrowdStrike’s Falcon platform stopped a coordinated malware campaign aimed at more than 300 customer environments. The operation involved SHAMOS, a variant of the Atomic macOS Stealer (AMOS), built and rented out by the cybercriminal group COOKIE SPIDER. The scheme was simple. Malvertising lured users searching for macOS fixes to […]
Kirsten Doyle