Blog – Page 24 – VigilantAI

July 10, 2025
No Comments

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

July 9, 2025
No Comments

Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets

July 9, 2025
No Comments

DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware

July 9, 2025
No Comments

How To Automate Ticket Creation, Device Identification and Threat Triage With Tines

July 9, 2025
No Comments

U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme

July 9, 2025
No Comments

Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks

July 9, 2025
No Comments

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

July 8, 2025
No Comments

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

July 8, 2025
No Comments

Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play

July 8, 2025
No Comments

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

CrowdStrike Thwarts Malvertising Drive for SHAMOS on macOS August 25, 2025
Between June and August this year, CrowdStrike’s Falcon platform stopped a coordinated malware campaign aimed at more than 300 customer environments. The operation involved SHAMOS, a variant of the Atomic macOS Stealer (AMOS), built and rented out by the cybercriminal group COOKIE SPIDER. The scheme was simple. Malvertising lured users searching for macOS fixes to […]
Kirsten Doyle
Ransomware Surges as AI Drives New Cyber Threats August 25, 2025
The number of publicly known ransomware victims jumped early 70% compared to the same period in 2023 and 2024, according to the newly released Acronis Cyberthreats Report H1 2025. The surge underscores ransomware’s continuing grip on businesses worldwide, especially as attackers increasingly exploit AI to sharpen their tactics. While the endgame for cybercriminals is still […]
Josh Breaker Rolfe
Out of Office, Not Out of Mind: Staying Cyber-Smart Over the Holidays August 22, 2025
We’re back with another expert interview! This time, we’re joined by Matt Warner, CEO and co-founder of Blumira, to talk about how businesses can stay ahead of cyber threats during the summer months and why this quieter season might be the best time to strengthen their security defenses. It’s the holiday season, and attacks often […]
Dilki Rathnayake
Cybercrime Is Hiring: AI, IoT, and Cloud Experts Power the Next Wave of Attacks August 22, 2025
The dark web has its own job boards. Its own recruiters. Its own economy of skills. There, posts read like the listings on LinkedIn or Indeed, only the roles are not for project managers or analysts. They are for AI specialists, cloud exploiters, and social engineers fluent in English. The recruits are not employees. They […]
Kirsten Doyle
From VPS to Phishing: Darktrace Exposes SaaS Hijacks through Virtual Infrastructure Abuse August 22, 2025
Darktrace has uncovered a coordinated campaign of SaaS account takeovers. Attackers hid behind Virtual Private Servers, slipping into accounts, moving unseen, and wiping away the traces of phishing. The pattern was consistent: suspicious logins from VPS-linked infrastructure, swift creation of inbox rules, and deleted emails, particularly those tied to phishing. What researchers found was a […]
Kirsten Doyle
Scamlexity: When AI Agents Become the Target, Not Just the Human August 22, 2025
AI Browsers promise a future where an Agentic AI can handle your online life. From shopping to emails, they are designed to act autonomously, to save time, to make life easier. Yet convenience has a price. Recent researach by Guardio reveals a worrying truth: security guardrails are inconsistent, sometimes absent entirely. The AI clicks, pays, […]
Kirsten Doyle
Manufacturers Scramble to Adopt AI as Cyber Threats Escalate August 22, 2025
Cybersecurity has risen to the top of the manufacturing industry’s risk agenda. A new report from Rockwell Automation reveals that 61% of IT and security professionals plan to adopt AI and machine learning (ML) for cyber defense in the next year – 12 points ahead of general AI adoption across the sector. Meanwhile, 30% of […]
Josh Breaker Rolfe
Your Microsoft 365 Email Security Needs a Smarter Ally August 22, 2025
On a Friday afternoon, a finance executive at a mid-sized firm receives a short email. No links. No attachments. Just a familiar name, a sense of urgency, and a request to move funds. It looked right, and it felt right. But it wasn’t. The transfer went through, and the money vanished without the bad actor […]
Usman Choudhary
Russian Espionage Group Exploits Old Cisco Flaw to Target Critical Infrastructure August 21, 2025
The FBI and Cisco Talos have issued fresh warnings about a Russian cyber espionage campaign that has quietly compromised network devices around the world. The threat actor, tracked as Static Tundra, is linked to the Federal Security Service’s (FSB) Center 16 unit and has been active for more than a decade. At the heart of […]
Kirsten Doyle
Patching for Persistence: DripDropper Malware Secures the Door It Broke Open August 21, 2025
It sounds counterintuitive. An adversary exploits a system, gains access, and then patches the very hole they used to break in. Yet that is exactly what Red Canary researchers observed in a recent campaign targeting cloud-based Linux servers. The logic is simple. By fixing the exploited vulnerability, a malefactor can lock out rivals and mask […]
Kirsten Doyle

Category: Blog

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets

DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware

How To Automate Ticket Creation, Device Identification and Threat Triage With Tines

U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme

Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

[email protected]