Blog – Page 24 – VigilantAI

March 4, 2025
No Comments

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

March 4, 2025
No Comments

How New AI Agents Will Transform Credential Stuffing Attacks

March 4, 2025
No Comments

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

March 4, 2025
No Comments

Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector

March 4, 2025
No Comments

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

March 4, 2025
No Comments

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

March 3, 2025
No Comments

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

March 3, 2025
No Comments

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices

March 3, 2025
No Comments

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

March 3, 2025
No Comments

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Senators Push to Extend Key Cybersecurity Protections April 17, 2025
Two senators have introduced a bipartisan bill to extend key cybersecurity protections that encourage businesses to share threat information with the federal government. The bill would renew provisions first signed into law under the Cybersecurity Information Sharing Act of 2015. Introduced by U.S. Senators Gary Peters (D-MI), Ranking Member of the Homeland Security and Governmental […]
Kirsten Doyle
4chan Reportedly Hacked, Moderator Information Potentially Exposed April 17, 2025
The controversial internet forum 4chan appears to have been hacked, according to multiple online reports. Alleged leaks suggest that a hacker gained access to backend infrastructure and exposed personal details of the site’s moderators. The breach first came to light when a previously inactive section of 4chan suddenly reappeared, displaying a bold message: “U GOT […]
Kirsten Doyle
Chinese Threat Group UNC5174 Caught Using New Tools in Ongoing Cyber Campaign April 17, 2025
After operating quietly for a year, a Chinese state-sponsored hacking group known as UNC5174 has launched a new cyber campaign, according to the Sysdig Threat Research Team (TRT). Sysdig researchers uncovered the campaign in late January 2025 when they spotted a malicious bash script downloading several files to maintain access on targeted systems. One of […]
Kirsten Doyle
Why Privileged Access Security Is Vital for Hybrid IT Environments April 17, 2025
Everyone wants access to something privileged, whether it’s an exclusive country club, a concert VIP area, or an airport lounge. For hackers, it’s privileged accounts. They especially target those in hybrid IT ecosystems since gaining control over a single privileged account of any part of the environment can enable them to establish control over the […]
Martin Cannard
Trojan WhatsApp, Wallet Apps Found on Chinese Android Phones April 17, 2025
A sophisticated campaign that pre-installs malware onto budget Android smartphones, targeting cryptocurrency users through a technique known as “clipping” has been discovered by Doctor Web‘s virus lab. Its findings reveal that malefactors have embedded a trojanized version of WhatsApp directly into the system partition of newly manufactured devices, exposing users to stealthy financial theft from […]
Kirsten Doyle
No Skills Needed: How AI Is Democratizing Document Fraud April 16, 2025
Towards the end of March, OpenAI debuted image generation features for its ChatGPT-4o and ChatGPT-4o mini models. Less than a week later, the tool was made available for free to all users, and since then, users have reported that the feature can be used to create convincing fake documents—including receipts and passports. According to the […]
Kirsten Doyle
OCC Reports Major Security Breach Involving Sensitive Emails April 16, 2025
The Office of the Comptroller of the Currency (OCC) has alerted Congress to a “major information security incident” following unauthorized access to its email systems, including messages containing sensitive financial data. The breach was discovered on 11 February 2025, and confirmed the following day. According to the OCC, the incident involved unusual activity by a […]
Kirsten Doyle
Cozy Bear Strikes Again: Sophisticated Phishing Campaign Hits EU Foreign Ministries April 16, 2025
APT29—also known as “Cozy Bear,” a notorious threat actor linked to Russia’s Foreign Intelligence Service (SVR)—has launched a new phishing campaign aimed at European diplomatic missions. This was revealed in a new report from Check Point Research. This latest campaign marks a continuation of the group’s long-running cyber espionage activities, with signs of both increased […]
Kirsten Doyle
Sell Your Source: Prodaft’s Plan to Infiltrate the Dark Web April 16, 2025
In a bold and unconventional move, cybersecurity intelligence firm Prodaft has debuted a new initiative called “Sell Your Source” (SYS) aimed at acquiring aged, verified accounts from underground hacking forums. The goal is to gain covert access to adversarial networks and uncover malicious operations from within. Through this initiative, Prodaft is offering to buy accounts […]
Kirsten Doyle
Fortinet Uncovers New Post-Exploitation Technique Targeting FortiGate Devices April 14, 2025
Fortinet discovered a new technique used by threat actors to maintain access to FortiGate devices, even after known vulnerabilities were patched. The company has since taken action to notify affected customers and provide mitigation guidance. What Happened? Fortinet’s internal security team found that malicious actors were exploiting known vulnerabilities—specifically FG-IR-22-398, FG-IR-23-097, and FG-IR-24-015—to gain access […]
Kirsten Doyle

Category: Blog

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

How New AI Agents Will Transform Credential Stuffing Attacks

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

[email protected]