Blog – Page 41 – VigilantAI

April 16, 2025
No Comments

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert

April 15, 2025
No Comments

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

April 15, 2025
No Comments

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

April 15, 2025
No Comments

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

April 15, 2025
No Comments

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

April 15, 2025
No Comments

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

April 15, 2025
No Comments

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability

April 15, 2025
No Comments

Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval

April 14, 2025
No Comments

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

April 14, 2025
No Comments

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Mitigating the Toxic Cloud Trilogy to Empower Everyone from the Most to the Least Tech-Savvy July 8, 2025
Cloud computing has its perks: speed, scalability, and innovation, to name just a few. However, increasing reliance on cloud computing has changed the threat landscape and created substantial points of vulnerability. The toxic cloud trilogy of cloud workload risks – those that are publicly exposed, critically vulnerable, and highly privileged – represents the most dangerous. […]
Josh Breaker Rolfe
Ransomware Attack Cripples Ingram Micro, Disrupts Global Services July 8, 2025
Ingram Micro has confirmed a ransomware attack that has forced systems offline and disrupted core services across its global operations. The breach, first reported as an unexplained outage on 3 July has now been linked to the SafePay ransomware group, one of the more active players in the 2025 threat landscape. By 6 July, the […]
Kirsten Doyle
Stolen Identities Now the Biggest Threat in Cybersecurity July 8, 2025
The biggest threat to your business may no longer be malware or ransomware. It’s your people. Or rather, their identities. Between 2023 and the first quarter of 2025, identity-driven threats surged by 156%, now accounting for 59% of all confirmed cyber incidents, according to new research by eSentire’s Threat Response Unit (TRU). The findings mark […]
Kirsten Doyle
Ransomware in 2025: More Attacks, Bigger Targets, Fewer Confirmations July 7, 2025
The ransomware crisis continues to deepen. In the first half of 2025, 3,627 attacks were logged worldwide, a 47% jump from the same period last year. But confirmation remains scarce. According to Comparitech, of those incidents, just 445 were publicly acknowledged by victims. The rest were claimed by threat actors on their leak sites, often […]
Kirsten Doyle
Scattered Spider’s Pre-Attack Infrastructure Exposed: 500+ Phishing Domains Mimic Enterprise Logins July 7, 2025
The infamous cybercrime group known as Scattered Spider is expanding its playbook, and laying the groundwork long before the breach. New findings from Check Point Research reveal a sprawling infrastructure of more than 500 phishing domains, many designed to impersonate enterprise login pages. It’s a quiet phase of attack planning, but one that holds critical […]
Kirsten Doyle
Stop Ransomware in Its Tracks with Exfiltration Prevention July 7, 2025
Ransomware attacks have not only increased in numbers, but they have also evolved beyond data encryption and ransoms. Today’s attackers are increasingly turning to double or even triple extortion, extracting sensitive information to increase their leverage. According to the 2025 Verizon DBIR, 90% of ransomware attacks involved data exfiltration in 2024, up from 85% in 2023 […]
Brad LaPorte
From Manual to Mindful: Elevating IT Support in the Age of Intelligent Automation July 4, 2025
Across industries, IT support is undergoing a quiet revolution. While it once meant a reactive help desk resolving tickets on a first-come, first-served basis, today’s model is more proactive, data-driven, and increasingly powered by AI. At the centre of this shift are small and mid-sized enterprises (SMEs), which face a unique set of challenges: tighter […]
Robert Phan
Critical Cisco Flaw Lets Attackers Gain Root Access to Unified CM July 4, 2025
Cisco has patched a critical flaw in its Unified Communications Manager (Unified CM) software that allowed unauthenticated remote attackers to log in using hardcoded root credentials. The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0 (the highest possible) and affects select engineering special (ES) builds of version 15.0. The issue stems from development […]
Kirsten Doyle
Ransomware Group Hunters International Claims Shutdown, Offers Free Decryptors July 4, 2025
Hunters International, a notorious ransomware gang with ties to past high-profile cyberattacks, says it’s closing shop. The group made the announcement Thursday via its darknet extortion site, claiming it would release free decryption tools to help past victims recover data. “After careful consideration and in light of recent developments, we have decided to close the […]
Kirsten Doyle
Iranian Cyber Threats Surge Amid Geopolitical Tension July 4, 2025
Cyberattacks linked to Iranian threat groups are on the rise, according to a new threat intelligence report from security provider Blumira. The report highlights how escalating geopolitical tensions between the US and Iran are driving a surge in Iranian state-linked cybers activity, particularly targeting critical sectors like healthcare, energy, and government. Blumira, which monitors threats […]
Josh Breaker Rolfe

Category: Blog

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability

Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

[email protected]