Blog – Page 2 – VigilantAI

February 5, 2026
No Comments

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

February 5, 2026
No Comments

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

February 5, 2026
No Comments

Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers

February 4, 2026
No Comments

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

February 4, 2026
No Comments

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

February 4, 2026
No Comments

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

February 4, 2026
No Comments

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

February 4, 2026
No Comments

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

February 4, 2026
No Comments

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

February 4, 2026
No Comments

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

The Winter Olympics Are Back, and So Are Attackers February 6, 2026
The Olympics have traditionally been a major attack vector for cyber disruption, espionage, and financially motivated attacks. The 2018 Winter Olympic Games in PyeongChang saw the Olympic Destroyer malware used to disrupt Wi-Fi, ticket, and venue systems during the opening ceremony of the games. During the Paris 2024 event, there was an increase in scanning, […]
Kirsten Doyle
Rethinking the Security Estate: Why IT Spend Isn’t the Same as Cybersecurity Readiness February 5, 2026
Cybersecurity spend is projected to reach $183 billion by 2028, but that growth masks a dangerous misconception. Many midmarket organizations equate rising IT budgets with improved security, assuming that broad spending on technology automatically translates to better protection. However, this is creating a widening gap between what companies perceive and their actual security readiness. IT […]
Michael Gray
Microsoft: Python-Powered Infostealers Are Now Targeting macOS at Scale February 5, 2026
Microsoft has warned that information-stealing attacks are rapidly expanding beyond Windows to target Apple macOS environments using cross-platform languages such as Python. The software giant’s Defender Security Research Team has observed macOS-targeted infostealer campaigns using social engineering techniques like ClickFix since late 2025 to distribute disk image (DMG) installers that deploy stealer malware families like Atomic macOS Stealer (AMOS), MacSync, and DigitStealer. The […]
Kirsten Doyle
Forescout’s 2025 Threat Roundup: 84% OT Surge Signals Expanding Cyber Chaos February 5, 2026
In 2025, attackers didn’t only target traditional areas of vulnerability; they went after those with the least defense and the most rapid change. These include new AI technologies, web applications, and operational technology (OT) for industries such as healthcare, manufacturing, energy, government, and finance. In fact, attacks against OT protocol rose by a whopping 84% with Modbus, Ethernet/IP, and BACnet at the forefront. IoT exploits increased to 19%, hitting cameras and […]
Kirsten Doyle
Notepad++ Update Hijacked in Six-Month, State-Linked Supply-Chain Attack February 3, 2026
Attackers have hijacked the update mechanism of Notepad++, one of the world’s most popular open-source text editors, delivering malware to targeted users over a period of six months. In an advisory, developer Don Ho discussed how bad actors weaponized his two-decade-old project between June and December last year. An update, said: “Multiple independent security researchers have assessed that the threat actor is likely a Chinese state-sponsored group, which would explain […]
Kirsten Doyle
Attackers allege 1.4TB data breach at Iron Mountain February 3, 2026
The Everest ransomware group has claimed responsibility for the breach against the global information management and storage firm Iron Mountain, stating that it stole approximately 1.4 terabytes of the firm’s internal and customer data. The claims were made through the group’s posts on the dark web forums. The images provided by the attackers reveal that the names of several […]
Kirsten Doyle
Equipping Defenders: The Strategic Value of Adversary Infrastructure Intelligence February 3, 2026
In the world of cybersecurity, understanding adversary infrastructure is critical for defenders and researchers tracking adversary operations. We use the term “adversary infrastructure” to refer to any infrastructure that is established by or commandeered by adversaries to support their operations. This includes command and control (C2) servers, open web directories hosting malicious files, and residential […]
Emily Austin
Balancing Identity and Data Security in 2026: Why a Two-Pillar Strategy Matters February 2, 2026
Security teams entering 2026 face a familiar truth dressed in new clothes. The technologies change, the tools get smarter, but most compromises still trace back to two core areas of any organization: identity and data. Securing them with separate programs is an invitation to gaps and blind spots. Treating them as the two columns that […]
Dirk Schrader
Data Privacy Week 2026: Why Good Intentions Are No Longer Enough January 30, 2026
It’s Data Privacy Week, the annual international awareness initiative from the National Cybersecurity Alliance (NCA) aimed at empowering individuals and businesses to value individual privacy, safeguard data, and build trust. “Your online activities generate a treasure trove of data – from your interests to your purchases, as well as your online behaviors, and it is collected by websites, apps, […]
Kirsten Doyle
Sextortion and the Psychology of Fear: How Scammers Are Targeting Teenagers January 28, 2026
Sextortion is a form of extortion or blackmail in which a criminals threaten to share private or intimate information or images unless a victim gives them money. Criminals can get hold of these images by compromising credentials or coercing someone into sending the images or create deepfakes (i.e., images created with the help of AI) […]
Martina Dove

Category: Blog

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

[email protected]