Blog – Page 50 – VigilantAI

March 31, 2025
No Comments

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

March 31, 2025
No Comments

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

March 31, 2025
No Comments

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

March 31, 2025
No Comments

5 Impactful AWS Vulnerabilities You’re Responsible For

March 31, 2025
No Comments

Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine

March 30, 2025
No Comments

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

March 29, 2025
No Comments

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

March 29, 2025
No Comments

BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability

March 28, 2025
No Comments

Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA

March 28, 2025
No Comments

CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

The Evolving Importance of Identity Governance in FinTech July 10, 2025
In the rapidly evolving FinTech landscape, data is power, and access to this data must be seamless but at the same time secure. FinTech companies offer novel services to sizable consumers; however, they must secure sensitive financial information against breaches, fraud, and any regulatory violations. The data security requires managing access privileges for internal employees, […]
Anant Wairagade
ServiceNow Fixes High-Severity Data Leak Flaw After Varonis Uncovers ‘Count(er) Strike)’ July 10, 2025
A high-severity vulnerability in the ServiceNow platform could have exposed vast amounts of sensitive data to low-privileged or even anonymous users. Researchers at Varonis Threat Labs discovered the issue, dubbed Count(er) Strike, which exploits a flaw in how the system displays record counts, offering attackers a quiet but powerful method of data inference and exfiltration. […]
Kirsten Doyle
Google’s Gemini Can Now Access WhatsApp by Default, Even If Tracking Is Off July 10, 2025
Google has quietly switched on default access for its Gemini AI to interact with apps like WhatsApp, even if you previously told it not to. Android users began receiving emails last week alerting them that Gemini now has broader access to their phones. As of 9 July, the AI assistant can read and act on […]
Kirsten Doyle
M&S Chair Admits Devastating Cyberattack but Refuses to Say if Ransom Was Paid July 10, 2025
Marks & Spencer chairman Archie Norman has faced tough questions in Parliament after a cyberattack that paralysed the British retailer’s digital operations for months and is expected to cost the company £300 million in lost profits. Appearing before the Business and Trade Committee on 8 July, Norman described the breach as “devastating” but refused to […]
Kirsten Doyle
AI Impersonator Posed as Secretary of State Rubio to Target World Leaders July 9, 2025
An unidentified individual used artificial intelligence to impersonate U.S. Secretary of State Marco Rubio, contacting foreign ministers, a U.S. governor, and a member of Congress via voice and text messages, according to a State Department cable first seen by The Washington Post. The impersonator cloned Rubio’s voice using AI-powered software, then reached out through Signal, […]
Kirsten Doyle
Tax Credit Consultancy Exposes Nearly 250,000 Records in Major Data Breach July 9, 2025
A tax credit consulting firm seems to have exposed the personal data of thousands of Americans after leaving a slew of sensitive documents unprotected online. The breach was discovered by cybersecurity researcher Jeremiah Fowler, who reported his findings to vpnMentor. As outlined by Fowler, the unencrypted, non-password-protected database contained 245,949 records, which translated to nearly […]
Kirsten Doyle
CISA Flags Four Actively Exploited Flaws, Urges Swift Remediation July 9, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four more security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing clear evidence of active exploitation in the wild. The latest additions span a range of technologies, some dating back more than a decade. The vulnerabilities are: CVE-2014-3931 (CVSS score: 9.8) – A buffer […]
Kirsten Doyle
Mitigating the Toxic Cloud Trilogy to Empower Everyone from the Most to the Least Tech-Savvy July 8, 2025
Cloud computing has its perks: speed, scalability, and innovation, to name just a few. However, increasing reliance on cloud computing has changed the threat landscape and created substantial points of vulnerability. The toxic cloud trilogy of cloud workload risks – those that are publicly exposed, critically vulnerable, and highly privileged – represents the most dangerous. […]
Josh Breaker Rolfe
Ransomware Attack Cripples Ingram Micro, Disrupts Global Services July 8, 2025
Ingram Micro has confirmed a ransomware attack that has forced systems offline and disrupted core services across its global operations. The breach, first reported as an unexplained outage on 3 July has now been linked to the SafePay ransomware group, one of the more active players in the 2025 threat landscape. By 6 July, the […]
Kirsten Doyle
Stolen Identities Now the Biggest Threat in Cybersecurity July 8, 2025
The biggest threat to your business may no longer be malware or ransomware. It’s your people. Or rather, their identities. Between 2023 and the first quarter of 2025, identity-driven threats surged by 156%, now accounting for 59% of all confirmed cyber incidents, according to new research by eSentire’s Threat Response Unit (TRU). The findings mark […]
Kirsten Doyle