Rescana Blog
986 posts | Page 17 of 42
Active Exploitation Alert
China-Linked Tick Group Exploits Lanscope Endpoint Manager Zero-Day (CVE-2025-61932) in Targeted Attacks
Active Exploitation Alert
Airstalk Malware Exploits VMware Workspace ONE UEM APIs in Sophisticated Nation-State Supply Chain Attack
General News
ThreatsDay Bulletin: BIND 9 DNS Poisoning (CVE-2025-40778), NPM Supply-Chain Attack, Rust Malware, and Emerging RATs Targeting Modern Infrastructure
General News
PhantomRaven Supply Chain Attack: 126 Malicious npm Packages Stealing GitHub Tokens and CI/CD Secrets
General News
LinkedIn Phishing Attack Exploits Microsoft 365 Accounts to Target Finance Executives with Fake Board Invites
General News
Conduent Business Solutions Data Breach (2024-2025): Over 10.5 Million Affected Across Healthcare, Government, and Insurance Systems
General News
Canadian Critical Infrastructure Hack: Hacktivists Tamper With ICS at Water, Oil, and Agriculture Facilities
General News
Brash Exploit: Critical Chromium Browser Zero-Day Enables Instant DoS via Malicious URL
General News
AdaptixC2 Under Fire: Russian Ransomware Gangs Weaponize Open-Source C2 Framework for Advanced Attacks
CVE Analysis Center
TARmageddon (CVE-2025-62518): Critical Supply Chain Vulnerability in async-tar and tokio-tar Rust Libraries
CVE Analysis Center
SideWinder Uses ClickOnce to Target South Asian Diplomatic Entities via MagTek ReaderConfiguration.exe Sideloading Attack Chain
CVE Analysis Center
Operation ForumTroll: Italian Spyware Vendor Memento Labs Exploits Chrome Zero-Day (CVE-2025-2783) in Targeted Attacks on Russia and Belarus
CVE Analysis Center
Google Refutes Claims of Massive Gmail Data Breach: Analysis Reveals Stolen Credentials Originated from Infostealer Malware, Not Google Systems
CVE Analysis Center
Chrome Zero-Day Exploited: Memento Spyware Campaign Targets Windows Systems with LeetAgent and Dante Malware
Active Exploitation Alert
Qilin (Agenda) Ransomware Targets Windows and Linux with Hybrid BYOVD Exploit and Cross-Platform Payloads
Cybersecurity Incident Analysis
YouTube Ghost Network: 3,000 Malicious Videos Used to Spread Infostealer Malware via Compromised Channels
Active Exploitation Alert
Smishing Triad Exploits SMS Phishing to Target USPS, E-ZPass, IRS, and Financial Systems Using 194,000 Malicious Domains Globally
Active Exploitation Alert
North Korean Lazarus Group Uses Trojanized MuPDF and Notepad++ Plugins to Target European UAV and Drone Technology Firms
Active Exploitation Alert
GlassWorm Supply Chain Attack: Self-Spreading Malware Infects Visual Studio Code (VS Code) Extensions via OpenVSX and Microsoft Marketplace
Cybersecurity Incident Analysis
Fake LastPass Death Claims Phishing Campaign Exploits Emergency Access to Breach Password Vaults
Cybersecurity Incident Analysis
F5 BIG-IP Vulnerabilities Exploited: 85% Surge in US Government Cyberattacks Amid 2025 Shutdown
Active Exploitation Alert
Critical CVE-2025-59287 Vulnerability in Microsoft WSUS: Emergency Patch Issued to Prevent Remote Code Execution
Active Exploitation Alert
CoPhish Attack Exploits Microsoft Copilot Studio to Steal OAuth Tokens via Malicious Agents
Active Exploitation Alert