Blog – Page 50 – VigilantAI

May 22, 2025
No Comments

Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program

May 22, 2025
No Comments

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

May 22, 2025
No Comments

Identity Security Has an Automation Problem—And It’s Bigger Than You Think

May 22, 2025
No Comments

FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

May 21, 2025
No Comments

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

May 21, 2025
No Comments

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

May 21, 2025
No Comments

Securing CI/CD workflows with Wazuh

May 21, 2025
No Comments

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

May 21, 2025
No Comments

How to Detect Phishing Attacks Faster: Tycoon2FA Example

May 21, 2025
No Comments

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

Meta Ads Spread Advanced Crypto-Stealing Malware September 1, 2025
A new malvertising wave is moving from desktops to phones. The platform: Meta’s ad network. The target: Android users. The prize: cryptocurrency. Bitdefender Labs says attackers have shifted gears after months of hitting Windows. Now the lure is a fake TradingView Premium app, pushed through Facebook ads. The download doesn’t deliver charting software. It drops […]
Kirsten Doyle
CISA, NSA, and FBI Warn of Ongoing Chinese State-Sponsored Cyber Espionage August 29, 2025
The Cybersecurity and Infrastructure Security Agency (CISA), together with the NSA, FBI, and more than a dozen international partners, has issued a joint advisory on Chinese state-sponsored cyber activity. The alert, AA25-239A, details the long-running operations of Advanced Persistent Threat (APT) actors tracked as Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor. These actors have […]
Kirsten Doyle
AI Used to Run Unprecedented Cybercrime Operation, Anthropic Reports August 29, 2025
An attacker turned an AI chatbot into a full-scale criminal operation. The target: at least 17 companies across healthcare, government, and emergency services. The tool: Claude, Anthropic’s advanced AI. The result is a cybercrime campaign of staggering scope and sophistication. Anthropic revealed the operation in a report released this week. The bad actor leveraged Claude […]
Kirsten Doyle
TransUnion Confirms Cyber Attack Exposing Data of 4.4 Million People August 29, 2025
This week, TransUnion confirmed a major cyber incident that exposed personal data of more than 4.4 million people. The breach happened on 28 July, and was discovered two days later. Notification letters began reaching affected consumers on 26 August. “We are writing to make you aware of a cyber incident involving unauthorized access to some […]
Kirsten Doyle
Heartbeats and Headaches: Wearable Tech’s Privacy Problem August 29, 2025
For many of us, wearable technology has become a part of everyday life, a way to track key health metrics to improve our overall wellbeing. But a new report from vpnMentor has suggested that these health benefits come at a significant cost to our privacy. Tracked Health Data is a Regulatory Gray Area According […]
Josh Breaker Rolfe
Whistleblower Claims DOGE Put Critical Social Security Data at Risk August 28, 2025
A whistleblower says the government put every American’s Social Security record at risk. Charles Borges, Chief Data Officer at the Social Security Administration, filed the complaint. He describes a “live copy of the country’s Social Security information in a cloud environment that circumvents oversight.” The file is the Numident database. It holds names, birth dates, […]
Kirsten Doyle
Widespread Salesforce Data Theft Exploits Salesloft Drift Integration August 28, 2025
A major data theft campaign has hit corporate Salesforce instances. The actor, tracked as UNC6395, leveraged compromised OAuth tokens from the Salesloft Drift application to pull data. The attacks ran from August 8 through at least August 18. Google Threat Intelligence Group (GTIG) says the campaign moved at scale. Data was exported by the bucketful. […]
Kirsten Doyle
What JPMorgan gets right about AI security — and why storage must catch up August 27, 2025
JPMorgan’s open letter to technology vendors isn’t just another security advisory — it’s a watershed moment for enterprise AI adoption. When the world’s largest bank publicly demands that providers “urgently reprioritize security,” it signals a fundamental shift in how businesses will evaluate AI systems going forward. Though the message was originally aimed at SaaS providers, […]
Giorgio Regni
Critical Docker Desktop Flaw Exposes Host Systems to Malicious Containers August 27, 2025
Containers are supposed to isolate and keep things in their lane. But a new vulnerability proves that line is fragile. CVE-2025-9074 affects Docker Desktop on Windows and macOS. A malicious container can reach the Docker Engine, launch other containers, mount the host filesystem, and escalate privileges to admin. The score is 9.3. It is critical. […]
Kirsten Doyle
New ZipLine Campaign Exploits Contact Forms to Target US Supply Chains August 27, 2025
Bad actors are patient. They know trust takes time. With ZipLine, they have turned patience into a weapon. Check Point Research has uncovered a campaign aimed at U.S. manufacturers and supply-chain critical industries. The trick is simple, yet unusual. The attacker does not send the first email. Instead, they use the target’s own “Contact Us” […]
Kirsten Doyle