Consulations – VigilantAI

gurushyam.mony
September 14, 2022
No Comments

CIS & NIST Assessments

UK Solicitor Investigated After Uploading Client Files to ChatGPT February 27, 2026
A UK solicitor is under investigation for allegedly violating client confidentiality and waiving legal privilege after they confessed to uploading their clients’ confidential documents to ChatGPT. This is in line with a warning issued by the Upper Tribunal that the use of open AI tools in such a manner may violate client confidentiality and waive […]
Kirsten Doyle
AI Theater, Real Risk: What Moltbook Reveals About API Security February 27, 2026
In early 2026, a platform called Moltbook, later renamed OpenClaw, went viral for what appeared to be a startling development. Autonomous AI agents were posting, debating, upvoting, and forming communities without human participation. Basically, how most end-of-the-world sci-fi movies start. Headlines hinted at emergent coordination. Some observers worried about rogue systems. The reality was a […]
Eric Schwake
Lazarus Group Turns to Medusa Ransomware in Escalating Global Extortion Campaign February 26, 2026
New evidence indicates that the North Korean state-sponsored Lazarus Group has adopted the infamous Medusa ransomware in its extortion attacks, including those against the healthcare and nonprofit sectors. The Threat Hunter Team from Symantec and Carbon Black says these attacks have been increasing since Medusa’s launch in 2023 as a “ransomware-as-a-service” (RaaS) tool. The malware, operated by a […]
Kirsten Doyle
Why Cyber Risk Gets Lost in the Boardroom February 26, 2026
Cyber Risk is now a standing item in most boardrooms. You’ll find it in annual reports, audit committees, and regulatory filings. And still, cyber risk is not being addressed. Not because boards don’t care, or because CISOs are not reporting. But because something fundamental is still not working between security and governance. We posed these three questions to six […]
Kirsten Doyle
PayPal Customer Data Exposed for Six Months in Breach February 24, 2026
PayPal has disclosed a data breach that exposed some of its customers’ personal information and led to fraudulent transactions. The company said it happed due to an error in its PayPal Working Capital (“PPWC”) loan application, an offering that gives businesses a cash advance based on their PayPal sales history. Between 1 July and 13 December 2025, the PII of a small number […]
Kirsten Doyle
Americans Lost Over $20 million in ATM “Jackpotting” Attacks February 24, 2026
Malware-fuelled ATM “jackpotting” attacks are surging across the United States, with the FBI warning that incidents have spiked sharply in 2025. In a recent alert, the Bureau said it has recorded around 1,900 ATM jackpotting incidents since 2020. Alarmingly, more than 700 of those cases (representing over $20 million in losses) have happened this year alone. […]
Kirsten Doyle
Microsoft Copilot Flaw Exposed Confidential Emails February 24, 2026
A bug has been causing Microsoft Copilot to read and summarise users’ confidential emails, and it’s been happening since late January. Microsoft says the issue stems from a code error that bypassed data loss prevention (DLP) policies designed to stop sensitive information from being accessed in the first place. It was first reported by BleepingComputer. “Users’ email messages with a confidential label applied are […]
Kirsten Doyle
New Phishing Kit Starkiller Defeats Multi-Factor Authentication February 23, 2026
Abnormal has discovered a new phishing kit that allows bad actors to steal usernames and passwords with a toolkit that spoofs live login pages and bypasses multi-factor authentication (MFA) protections. Most phishing kits depend on static HTML clones of login pages, which, while effective, are inherently fragile. Even a small interface update from the brand being impersonated […]
Kirsten Doyle
Why AI Adoption Has Become the Greatest Security Challenge of Our Time February 23, 2026
Companies are investing in artificial intelligence at an unprecedented pace. Few areas of business remain untouched by automation, generation, or analysis through AI, yet what’s often missing from the conversation is how quickly this shift is redefining the threat landscape for modern organizations. Rapid innovation is increasingly turning into a security challenge, and the race […]
John Mutuski
CISA Warns of Critical Security Vulnerability in Honeywell Cameras February 20, 2026
CISA has warned that a critical security vulnerability (CVE-2026-1670) has been identified in four Honeywell CCTV camera models. “Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise,” the advisory said. The flaw is classified as “missing authentication for […]
Kirsten Doyle

Service Categories: Consulations

CIS & NIST Assessments

[email protected]