top of page
.png){kind=logo}
Critical CVE‑2025‑5394 Exploitation of the Alone WordPress Theme Enables Remote Plugin Hijacking
Executive Summary This advisory report presents an in-depth analysis of the recent exploitation of the Alone WordPress theme...
2 days ago6 min read
UNC2891 ATM Network Breach: 4G Raspberry Pi Implant Enables CAKETAP Rootkit Exploit
Executive Summary The recent investigation into the UNC2891 breach has revealed a sophisticated attack on ATM networks using a...
2 days ago9 min read
SonicWall SMA 100 Critical Vulnerability Patched: In-Depth Analysis of Malware Attacks and Mitigation Strategies
Executive Summary The recent discovery and rapid patching of a critical vulnerability in the SonicWall SMA 100 series has important...
Jul 256 min read
Critical Mitel Authentication Bypass Vulnerability: How Hackers Gain Full Access to MiVoice MX-ONE Systems
Executive Summary In this advisory report, Rescana brings to your immediate attention a severe security vulnerability impacting Mitel ’s...
Jul 257 min read
Stealth Backdoor Exploits in WordPress Mu-Plugins for Persistent Admin Access
Executive Summary Recent investigations conducted by our cybersecurity research team have uncovered a sophisticated threat where...
Jul 247 min read
CERT-UA Uncovers LAMEHUG Malware in Legacy Email Client Software: APT28 Leverages LLM for Advanced Phishing Campaign
Executive Summary The recent discovery of the LAMEHUG malware, attributed to the notorious threat group APT28 , represents a significant...
Jul 217 min read
Microsoft Patches ToolShell Zero-Day Exploit in SharePoint Server (CVE-2025-53770): In-Depth Threat Analysis
Executive Summary The advisory report presented here details the high-severity nature of ToolShell , a zero-day vulnerability...
Jul 216 min read
PoisonSeed Attacker Exploit Exposes Critical Vulnerabilities in FIDO Server Software and Key Firmware
Executive Summary The emergence of the PoisonSeed Attacker Skates Around FIDO Keys vulnerability has raised alarm bells in the...
Jul 207 min read
Popular npm Linter Packages Compromised by Phishing: Detailed Malware Dropper Attack Analysis
Executive Summary Publication Date: July 19, 2025 This advisory report details the incident involving the hijacking of popular npm linter...
Jul 207 min read
China-linked APT Salt Typhoon Exploits Cisco IOS XE Vulnerabilities in Canadian Telecom Systems
Executive Summary This advisory report presents a comprehensive analysis of the latest research into the advanced persistent threat (APT)...
Jun 248 min read
"Fire sale", it's a myth anyway. It can't be done – Live Free or Die Hard (2007)
Iran’s Bad Week: A Real-World “Fire Sale” Over the past two weeks Iran has been hit by a rapid-fire mix of kinetic strikes and cyber...
Jun 232 min read
Critical FortiOS and FortiProxy Zero-Day Vulnerability CVE-2024-55591 Exploited in the Wild
Executive Summary As of January 14, 2025, CVE-2024-55591 has been identified as a critical zero-day vulnerability affecting FortiOS and...
May 143 min read
ServiceNow Vulnerabilities: Critical Exploits Impacting Israel and Global Systems
Executive Summary The following critical advisory was issued concerning the exploitation of vulnerabilities in ServiceNow , a widely used...
Mar 222 min read
Global Alert: CVE-2024-27564 Vulnerability in OpenAI ChatGPT Threatens Critical Sectors
Date: October 2023 Executive Summary A critical vulnerability identified as CVE-2024-27564 has been discovered within OpenAI's ChatGPT...
Mar 203 min read
Lumma Stealer Click Fix Attack: Threat Analysis and Mitigation for Windows Systems
Detailed Analysis Report on Lumma Stealer "Click Fix" Style Attack Executive Summary The Lumma Stealer is an advanced...
Mar 93 min read
Rescana Cybersecurity Analysis: Combating Storm-2372 Phishing Risks on Microsoft Systems
Executive Summary The Storm-2372 device code phishing campaign presents a notable threat in the cybersecurity landscape, attributed to a...
Feb 213 min read
bottom of page