Blog – Page 16 – VigilantAI

June 4, 2025
No Comments

Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era

June 4, 2025
No Comments

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

June 4, 2025
No Comments

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

June 3, 2025
No Comments

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

June 3, 2025
No Comments

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

June 3, 2025
No Comments

Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization

June 3, 2025
No Comments

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

June 3, 2025
No Comments

Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

June 3, 2025
No Comments

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

June 3, 2025
No Comments

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

From Manual to Mindful: Elevating IT Support in the Age of Intelligent Automation July 4, 2025
Across industries, IT support is undergoing a quiet revolution. While it once meant a reactive help desk resolving tickets on a first-come, first-served basis, today’s model is more proactive, data-driven, and increasingly powered by AI. At the centre of this shift are small and mid-sized enterprises (SMEs), which face a unique set of challenges: tighter […]
Robert Phan
Critical Cisco Flaw Lets Attackers Gain Root Access to Unified CM July 4, 2025
Cisco has patched a critical flaw in its Unified Communications Manager (Unified CM) software that allowed unauthenticated remote attackers to log in using hardcoded root credentials. The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0 (the highest possible) and affects select engineering special (ES) builds of version 15.0. The issue stems from development […]
Kirsten Doyle
Ransomware Group Hunters International Claims Shutdown, Offers Free Decryptors July 4, 2025
Hunters International, a notorious ransomware gang with ties to past high-profile cyberattacks, says it’s closing shop. The group made the announcement Thursday via its darknet extortion site, claiming it would release free decryption tools to help past victims recover data. “After careful consideration and in light of recent developments, we have decided to close the […]
Kirsten Doyle
Iranian Cyber Threats Surge Amid Geopolitical Tension July 4, 2025
Cyberattacks linked to Iranian threat groups are on the rise, according to a new threat intelligence report from security provider Blumira. The report highlights how escalating geopolitical tensions between the US and Iran are driving a surge in Iranian state-linked cybers activity, particularly targeting critical sectors like healthcare, energy, and government. Blumira, which monitors threats […]
Josh Breaker Rolfe
Cyber Criminals Target Prime Day Shoppers with Fake Amazon Domains and Phishing Scams July 4, 2025
Amazon Prime Day 2025 is almost here. So are the scammers. With global shoppers gearing up for deals on 8 July, bad actors are already laying traps. In June alone, researchers tracked more than 1,000 new domains mimicking Amazon. Nearly nine in ten were flagged as malicious or suspicious. Many used the phrase “Amazon Prime” […]
Kirsten Doyle
The Role of Penetration Testing in ATM Cybersecurity July 3, 2025
Although many financial institutions offer digital services, ATMs remain critical points of interaction between banks and customers and an attractive target for cybercriminals. ATM attack methods are becoming more sophisticated, from card skimming to malware injection and man-in-the-middle attacks. Ensuring strong ATM cybersecurity is essential to safeguarding customer data, protecting financial assets, and maintaining consumer […]
Zac Amos
Security Holes Plague EU Border Database, Report Finds July 3, 2025
The Schengen Information System II (SIS II) is meant to be a digital sentinel for Europe’s borders. It flags suspects, alerts officials, and logs biometric data in real time. But behind the promise lies a system riddled with security flaws. Bloomberg reviewed confidential documents showing thousands of unpatched vulnerabilities. Some date back years. In a […]
Kirsten Doyle
Qantas Confirms Cyber Incident Affecting Up To 6 Million Customer Records July 3, 2025
Qantas has confirmed a cyber incident affecting a third-party platform used by one of its call centres. The breach exposed the personal data of frequent flyer members and other customers. It has now been contained. In a statement, the airline said it had launched an investigation after noticing strange activity on its customer service system, […]
Kirsten Doyle
PDFs: The New Frontier of Phishing July 3, 2025
Brand impersonation is nothing new. But Cisco Talos says it’s showing up in increasingly creative forms—especially within PDF attachments. A recent update to Cisco’s intelligence brand impersonation detection engine now expands its reach. It picks up a broader array of email threats where trusted brand names arrive not in plain text, but tucked inside PDF […]
Kirsten Doyle
Scattered Spider Takes Aim at Airlines and Transport Sector July 2, 2025
The notorious cybercrime group, known as Scattered Spider, is shifting its focus. According to warnings issued in late June, the group has begun targeting North American airline and transportation companies. The alerts come from both federal authorities and private sector threat intelligence teams. The FBI confirmed this in a public advisory. The group’s method is […]
Kirsten Doyle

Category: Blog

Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

[email protected]