Rescana Blog
1092 posts | Page 18 of 46
CVE Analysis Center
Critical React2shell Vulnerability (CVE-2025-55182, CVE-2025-66478) Enables Unauthenticated RCE in React Server Components and Next.js
Cybersecurity Incident Analysis
Critical Command Injection Vulnerability in OpenAI Codex CLI Threatens Developer Endpoints and Supply Chain Security
CVE Analysis Center
CISA Issues Urgent Alert on ScadaBR CVE-2021-26829 Vulnerability Exploited by Hacktivists in ICS Attack
CVE Analysis Center
Albiriox Malware-as-a-Service: Advanced Android Threat Targets Over 400 Banking, Fintech, and Crypto Apps with On-Device Fraud and VNC Screen Control
Cybersecurity Incident Analysis
North Korean APT Exploits npm Supply Chain to Distribute OtterCookie Malware via 197 Malicious Packages
Cybersecurity Incident Analysis
French Soccer Federation Club Administrative Management Software Breach: Member Data Stolen in Credential Compromise Cyberattack
Cybersecurity Incident Analysis
Asahi Group Holdings Ransomware Attack: Qilin Breach Disrupts Japanese Operations and Exposes 1.5 Million Records
Cybersecurity Incident Analysis
Qilin Ransomware Exploits South Korean MSP Breach in Korean Leaks Attack, Impacting 28 Financial Organizations
Cybersecurity Incident Analysis
OpenAI API User Data Exposed in Mixpanel Security Breach: Incident Analysis and Impact Report
Cybersecurity Incident Analysis
Mixpanel Vendor Incident: What Happened and What Organizations Should Do
Active Exploitation Alert
StealC V2 Infostealer Delivered via Malicious Blender 3D Asset Files: Threat Analysis and Mitigation
Active Exploitation Alert
Shai-Hulud npm Supply Chain Attack: 640 Malicious Packages Compromise JavaScript Ecosystem
Active Exploitation Alert
JackFix Attack Targets Windows and macOS: Advanced Social Engineering Bypasses ClickFix Security Controls
Active Exploitation Alert
Dartmouth College Data Breach: Clop Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)
Active Exploitation Alert
BADBOX 2.0 and Vo1d Botnets: Android TV Streaming Box Infections, Impacted Models, and Mitigation Strategies
Active Exploitation Alert
Tsundere Botnet Targets Windows Users with Fake Game Installers and Ethereum-Based C2 Infrastructure
Active Exploitation Alert
Salesforce Security Incident: Unauthorized Data Access via Compromised Gainsight OAuth Integrations
Active Exploitation Alert
Iberia Airline Club Loyalty Data Exposed in Third-Party Vendor Breach: Incident Analysis and Mitigation Steps
Active Exploitation Alert
Critical Zero-Day Exploited in Oracle Identity Manager (CVE-2025-61757): Pre-Auth RCE Vulnerability Analysis and Mitigation
Active Exploitation Alert
Critical CVE-2025-41115 SCIM Vulnerability in Grafana Enterprise Allows Remote Impersonation and Privilege Escalation
Active Exploitation Alert
Cox Enterprises Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day Vulnerability (CVE-2025-61882)
Active Exploitation Alert
APT31 Exploits Yandex.Browser and Cloud Services in Stealthy Cyberattacks on Russian IT Sector
Cybersecurity Incident Analysis
UNC1549 Iranian APT Targets Microsoft Exchange and Aerospace Sector: Threat Analysis and Mitigation Strategies
Cybersecurity Incident Analysis