Rescana Blog
986 posts | Page 14 of 42
Active Exploitation Alert
StealC V2 Infostealer Delivered via Malicious Blender 3D Asset Files: Threat Analysis and Mitigation
Active Exploitation Alert
Shai-Hulud npm Supply Chain Attack: 640 Malicious Packages Compromise JavaScript Ecosystem
Active Exploitation Alert
JackFix Attack Targets Windows and macOS: Advanced Social Engineering Bypasses ClickFix Security Controls
Active Exploitation Alert
Dartmouth College Data Breach: Clop Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)
Active Exploitation Alert
BADBOX 2.0 and Vo1d Botnets: Android TV Streaming Box Infections, Impacted Models, and Mitigation Strategies
Active Exploitation Alert
Tsundere Botnet Targets Windows Users with Fake Game Installers and Ethereum-Based C2 Infrastructure
Active Exploitation Alert
Salesforce Security Incident: Unauthorized Data Access via Compromised Gainsight OAuth Integrations
Active Exploitation Alert
Iberia Airline Club Loyalty Data Exposed in Third-Party Vendor Breach: Incident Analysis and Mitigation Steps
Active Exploitation Alert
Critical Zero-Day Exploited in Oracle Identity Manager (CVE-2025-61757): Pre-Auth RCE Vulnerability Analysis and Mitigation
Active Exploitation Alert
Critical CVE-2025-41115 SCIM Vulnerability in Grafana Enterprise Allows Remote Impersonation and Privilege Escalation
Active Exploitation Alert
Cox Enterprises Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day Vulnerability (CVE-2025-61882)
Active Exploitation Alert
APT31 Exploits Yandex.Browser and Cloud Services in Stealthy Cyberattacks on Russian IT Sector
Cybersecurity Incident Analysis
UNC1549 Iranian APT Targets Microsoft Exchange and Aerospace Sector: Threat Analysis and Mitigation Strategies
Cybersecurity Incident Analysis
Pennsylvania Attorney General’s Office Data Breach: Ransomware Attack Leads to Unauthorized Access and Ongoing Investigation
Cybersecurity Incident Analysis
Microsoft Entra, Defender, and Purview: Security Enhancements for Identity, Defense, and Compliance
Service Disruption Analysis
Fortinet FortiWeb CVE-2025-58034: Critical OS Command Injection Vulnerability Actively Exploited in the Wild
Service Disruption Analysis
Cloudflare Bot Management Outage: Technical Root Cause Analysis and Impact of the November 18, 2025 Service Disruption
Active Exploitation Alert
Eurofiber France Customer Data Breach: Hacker Attempts to Sell Compromised Information from Customer Data Systems
Cybersecurity Incident Analysis
Russian Hackers Target Hospitality Sector: 4,300 Fake Hotel Booking Sites Created to Steal Guest Payment Data
Technology
RondoDox Botnet Actively Exploits Unpatched XWiki Server Vulnerabilities: Threat Analysis and Mitigation Strategies
Cybersecurity Incident Analysis
North Korean APTs Exploit JSON-Based Cloud APIs for Covert Malware Delivery and C2 Operations
Cybersecurity Incident Analysis
Logitech MOVEit Data Breach Confirmed After Clop Ransomware Extortion Attack
Cybersecurity Incident Analysis
Iranian SpearSpecter APT Targets Microsoft Systems in Defense and Government Cyber-Espionage Campaign
Active Exploitation Alert