Blog – VigilantAI

July 3, 2025
No Comments

Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams

July 3, 2025
No Comments

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

July 3, 2025
No Comments

Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets

July 3, 2025
No Comments

The Hidden Weaknesses in AI SOC Tools that No One Talks About

July 3, 2025
No Comments

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

July 2, 2025
No Comments

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

July 2, 2025
No Comments

That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

July 2, 2025
No Comments

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

July 2, 2025
No Comments

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

July 2, 2025
No Comments

Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

The Role of Penetration Testing in ATM Cybersecurity July 3, 2025
Although many financial institutions offer digital services, ATMs remain critical points of interaction between banks and customers and an attractive target for cybercriminals. ATM attack methods are becoming more sophisticated, from card skimming to malware injection and man-in-the-middle attacks. Ensuring strong ATM cybersecurity is essential to safeguarding customer data, protecting financial assets, and maintaining consumer […]
Zac Amos
Security Holes Plague EU Border Database, Report Finds July 3, 2025
The Schengen Information System II (SIS II) is meant to be a digital sentinel for Europe’s borders. It flags suspects, alerts officials, and logs biometric data in real time. But behind the promise lies a system riddled with security flaws. Bloomberg reviewed confidential documents showing thousands of unpatched vulnerabilities. Some date back years. In a […]
Kirsten Doyle
Qantas Confirms Cyber Incident Affecting Up To 6 Million Customer Records July 3, 2025
Qantas has confirmed a cyber incident affecting a third-party platform used by one of its call centres. The breach exposed the personal data of frequent flyer members and other customers. It has now been contained. In a statement, the airline said it had launched an investigation after noticing strange activity on its customer service system, […]
Kirsten Doyle
PDFs: The New Frontier of Phishing July 3, 2025
Brand impersonation is nothing new. But Cisco Talos says it’s showing up in increasingly creative forms—especially within PDF attachments. A recent update to Cisco’s intelligence brand impersonation detection engine now expands its reach. It picks up a broader array of email threats where trusted brand names arrive not in plain text, but tucked inside PDF […]
Kirsten Doyle
Scattered Spider Takes Aim at Airlines and Transport Sector July 2, 2025
The notorious cybercrime group, known as Scattered Spider, is shifting its focus. According to warnings issued in late June, the group has begun targeting North American airline and transportation companies. The alerts come from both federal authorities and private sector threat intelligence teams. The FBI confirmed this in a public advisory. The group’s method is […]
Kirsten Doyle
AI Chatbots Are Pointing Users to Phishing Sites. It’s Worse Than You Think July 2, 2025
When researchers at Netcraft asked a large language model where to log in to major online services, the answers were often wrong. Sometimes, dangerously so. Of 131 login URLs suggested for 50 brands, 34% were not controlled by the brand in question. The findings were released in a detailed breakdown of domain accuracy, with one […]
Kirsten Doyle
C4 Exploit Cracks Chrome’s Cookie Protection July 2, 2025
Low-privileged malware can still steal Chrome cookies, despite Google’s latest defenses. In mid-2024, Google introduced AppBound Cookie Encryption, a major shift in how Chrome protects browser cookies from theft. The goal: block infostealers that operate with user-level privileges. The technique, praised as a meaningful upgrade, encrypted cookie keys twice,once using the user’s credentials, and again […]
Kirsten Doyle
Crypto Fraud Ring Busted in Spain After Bilking 5,000 Victims Worldwide July 1, 2025
Spanish authorities have arrested five alleged members of a sprawling crypto investment fraud network accused of laundering EUR 460 million in stolen funds. The operation, supported by Europol and law enforcement from the United States, France, and Estonia, is a major step towards taking down one of Europe’s most far-reaching and nefarious financial crime schemes. […]
Kirsten Doyle
Bluetooth Chip Flaws Leave Headphones Open to Hijack July 1, 2025
Multiple security flaws in Bluetooth chips made by Airoha could allow attackers to hijack wireless headphones and earbuds from major brands, including Sony, Beyerdynamic, and Marshall. That’s the warning from German IT security firm ERNW, which published its findings this week. Airoha supplies Bluetooth system-on-chip (SoC) components and reference designs used widely across the audio […]
Kirsten Doyle
Berlin Data Watchdog Flags AI Chatbot DeepSeek for Illegal Data Transfers to China July 1, 2025
The Berlin Commissioner for Data Protection has reported the AI app DeepSeek to Apple and Google for breaching European data protection laws. The watchdog says the app illegally transfers personal data from German users to servers in China, without the safeguards required under the GDPR. At the heart of the issue is DeepSeek, a multifunctional […]
Kirsten Doyle

Category: Blog

Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets

The Hidden Weaknesses in AI SOC Tools that No One Talks About

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

[email protected]