Blog – Page 56 – VigilantAI

May 14, 2025
No Comments

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

May 14, 2025
No Comments

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

May 14, 2025
No Comments

Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks

May 13, 2025
No Comments

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

May 13, 2025
No Comments

Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

May 13, 2025
No Comments

Deepfake Defense in the Age of AI

May 13, 2025
No Comments

North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

May 13, 2025
No Comments

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

May 13, 2025
No Comments

Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

May 12, 2025
No Comments

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

Why It’s Time to Ditch the VPN and Embrace RPAM for Secure Remote Work September 3, 2025
As much of the workforce takes advantage of late-summer holidays, employees, contractors, and third-party vendors continue to log in remotely from holiday homes, airports, or hotels, far from the traditional corporate environment. This surge in remote access inevitably heightens security risks. For IT and security teams already managing a sprawling attack surface, reduced visibility and […]
James Edwards
WhatsApp Reveals Zero-Day Exploited in Targeted Apple Attacks September 3, 2025
WhatsApp has disclosed a zero-day flaw that was used in precision attacks against Apple users. The bug, tracked as CVE-2025-55177 with a CVSS score of 8.0, involved incomplete authorization of linked device sync messages. In practice, that meant an attacker could trick a device into processing content from arbitrary URLs. The issue affected WhatsApp for […]
Kirsten Doyle
Cyber Attack Severely Disrupts Jaguar Land Rover Production September 3, 2025
Jaguar Land Rover (JLR) has fallen victim to a cyber-attack. In a statement JLR said: “JLR has been impacted by a cyber incident. We took immediate action to mitigate its impact by proactively shutting down our systems. We are now working at pace to restart our global applications in a controlled manner.” The company, owned […]
Kirsten Doyle
European Commission President’s Plane GPS Signal Disrupted Amid Suspected Russian Jamming September 3, 2025
The European Union said Monday that Russia was suspected of jamming the GPS system of a plane carrying European Commission President Ursula von der Leyen to Bulgaria on Sunday. “We can indeed confirm that there was GPS jamming, but the plane landed safely in Bulgaria,” a European Commission spokesperson told reporters. “We have received information […]
Kirsten Doyle
Zscaler Confirms Limited Data Exposure Linked to Third-Party App September 2, 2025
Zscaler has disclosed a security incident tied to Salesloft Drift, a marketing automation service used by many Salesforce customers. The company has confirmed that attackers stole OAuth tokens connected to Drift, which opened a door to certain Salesforce data. Zscaler was among the organizations affected. Zsclaler stressed that its own products, services, and core infrastructure […]
Kirsten Doyle
Silver Fox Exploits Signed Drivers to Deliver ValleyRAT September 2, 2025
Check Point Research has uncovered a new campaign tied to the Silver Fox APT group. The operation relies on signed but vulnerable Windows drivers to slip through security defenses and deliver ValleyRAT, a modular backdoor. Two drivers are key to this operation, both built on the Zemana Anti-Malware SDK. One is old and already flagged […]
Kirsten Doyle
Meta Ads Spread Advanced Crypto-Stealing Malware September 1, 2025
A new malvertising wave is moving from desktops to phones. The platform: Meta’s ad network. The target: Android users. The prize: cryptocurrency. Bitdefender Labs says attackers have shifted gears after months of hitting Windows. Now the lure is a fake TradingView Premium app, pushed through Facebook ads. The download doesn’t deliver charting software. It drops […]
Kirsten Doyle
CISA, NSA, and FBI Warn of Ongoing Chinese State-Sponsored Cyber Espionage August 29, 2025
The Cybersecurity and Infrastructure Security Agency (CISA), together with the NSA, FBI, and more than a dozen international partners, has issued a joint advisory on Chinese state-sponsored cyber activity. The alert, AA25-239A, details the long-running operations of Advanced Persistent Threat (APT) actors tracked as Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor. These actors have […]
Kirsten Doyle
AI Used to Run Unprecedented Cybercrime Operation, Anthropic Reports August 29, 2025
An attacker turned an AI chatbot into a full-scale criminal operation. The target: at least 17 companies across healthcare, government, and emergency services. The tool: Claude, Anthropic’s advanced AI. The result is a cybercrime campaign of staggering scope and sophistication. Anthropic revealed the operation in a report released this week. The bad actor leveraged Claude […]
Kirsten Doyle
TransUnion Confirms Cyber Attack Exposing Data of 4.4 Million People August 29, 2025
This week, TransUnion confirmed a major cyber incident that exposed personal data of more than 4.4 million people. The breach happened on 28 July, and was discovered two days later. Notification letters began reaching affected consumers on 26 August. “We are writing to make you aware of a cyber incident involving unauthorized access to some […]
Kirsten Doyle

Category: Blog

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

Deepfake Defense in the Age of AI

North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

[email protected]