Rescana Blog
1002 posts | Page 13 of 42
Active Exploitation Alert
AWS Cryptomining Attack: Threat Intelligence on Stolen IAM Credentials Fueling Large-Scale EC2 & ECS Abuse
Active Exploitation Alert
APT28 Credential Phishing Campaign Targets UKR.net Users: Technical Analysis and Threat Intelligence Report
Cybersecurity Incident Analysis
SoundCloud Security Breach 2025: User Data Stolen, VPN Access Disrupted, and ShinyHunters Extortion Analysis
Cybersecurity Incident Analysis
PornHub Premium User Data Breach: Mixpanel Hack Leads to Extortion and Privacy Risks
Active Exploitation Alert
CVE-2025-55182 React2Shell: Chinese APT Groups Exploit Critical React Server Components Vulnerability for Malware Delivery
CVE Analysis Center
CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js (React2Shell)
CVE Analysis Center
Critical FreePBX Vulnerabilities: SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Enabling Remote Code Execution
Cybersecurity Incident Analysis
Askul Corporation Ransomware Attack: 740,000 Customer Records Stolen in RansomHouse Data Breach of B2B and Lohaco Systems
Cybersecurity Incident Analysis
700Credit 700Dealer.com Data Breach Exposes 5.8 Million Records: Technical Analysis, Impact, and Mitigation Steps
Active Exploitation Alert
Rescana Threat Intelligence Report: Widespread Exploitation of React Server Components via CVE-2025-55182 (React2Shell)
Active Exploitation Alert
PyStoreRAT Malware Campaign: Fake OSINT and GPT GitHub Repositories Target Security Researchers and Cryptocurrency Users
Active Exploitation Alert
Critical Sierra Wireless AirLink ALEOS Router Vulnerability (CVE-2018-4063) Added to CISA KEV After Active Exploitation Enables Remote Code Execution
Active Exploitation Alert
Apple Urgently Patches WebKit Zero-Day Vulnerabilities Exploited in Targeted Attacks Affecting iOS, macOS, and Safari
Active Exploitation Alert
AI-Driven Phishing Kits Target Microsoft 365 and European Banks with Advanced MFA Bypass Techniques
CVE Analysis Center
Surge in Ransomware Attacks Targeting Japanese Manufacturing Sector: Qilin and Kawa4096 Exploit OT and IT Systems in 2025
CVE Analysis Center
Fortinet, Ivanti, and SAP Release Critical Security Patches for Authentication Bypass and Remote Code Execution Vulnerabilities – December 2025 Threat Intelligence Report
CVE Analysis Center
Critical Apache Tika CVE-2025-66516: XXE Vulnerability Exposes Over 500 Instances After Incomplete Patch
Active Exploitation Alert
Zero-Click Vulnerability in Perplexity Comet Browser Allows Full Google Drive Deletion via Crafted Emails
Active Exploitation Alert
ShadowMQ Vulnerabilities: Over 30 Critical Flaws in Meta Llama, NVIDIA TensorRT-LLM, vLLM, and Other AI Inference Engines Enable Data Theft and Remote Code Execution
Active Exploitation Alert
React2Shell (CVE-2025-55182): Mass Exploitation of React Server Components and Next.js Threatens 77,000 Systems and 30+ Organizations
Active Exploitation Alert
Critical XXE Vulnerability CVE-2025-66516 (CVSS 10.0) in Apache Tika Enables File Disclosure, SSRF, and Remote Code Execution – Immediate Patch Required
Active Exploitation Alert
Barts Health NHS Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)
Cybersecurity Incident Analysis
University of Pennsylvania Data Breach: Oracle E-Business Suite (CVE-2025-61882) Exploit by Clop Ransomware Group
CVE Analysis Center