Rescana Blog

1092 posts | Page 4 of 46

MiniPlasma Zero-Day in Windows Cloud Files Mini Filter Driver Enables SYSTEM Privilege Escalation on Fully Patched Windows 10, 11, and Server 2022/2025
CVE Analysis Center

MiniPlasma Zero-Day in Windows Cloud Files Mini Filter Driver Enables SYSTEM Privilege Escalation on Fully Patched Windows 10, 11, and Server 2022/2025

May 19, 2026 Read →
Iranian Cyberattacks Exploit Unsecured Automatic Tank Gauge Systems in US Gas Stations: 2026 Incident Analysis and Mitigation Recommendations
Cybersecurity Incident Analysis

Iranian Cyberattacks Exploit Unsecured Automatic Tank Gauge Systems in US Gas Stations: 2026 Incident Analysis and Mitigation Recommendations

May 19, 2026 Read →
CVE Analysis Report: Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware Targeting JavaScript Supply Chain
CVE Analysis Center

CVE Analysis Report: Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware Targeting JavaScript Supply Chain

May 19, 2026 Read →
CVE-2026-8153: Critical OS Command Injection Vulnerability in Universal Robots PolyScope 5 Exposes Industrial Robot Fleets to Remote Hacking
CVE Analysis Center

CVE-2026-8153: Critical OS Command Injection Vulnerability in Universal Robots PolyScope 5 Exposes Industrial Robot Fleets to Remote Hacking

May 19, 2026 Read →
CVE-2026-42897 Zero-Day Analysis: Microsoft Exchange Server OWA XSS Vulnerability Exploited in the Wild
Active Exploitation Alert

CVE-2026-42897 Zero-Day Analysis: Microsoft Exchange Server OWA XSS Vulnerability Exploited in the Wild

May 19, 2026 Read →
Critical RCE, SQL Injection, and Privilege Escalation Vulnerabilities Affecting Ivanti Endpoint Manager, Fortinet FortiClient EMS (CVE-2026-21643), SAP, VMware, and n8n: CVE Analysis, Exploitation, and Patch Guidance
CVE Analysis Center

Critical RCE, SQL Injection, and Privilege Escalation Vulnerabilities Affecting Ivanti Endpoint Manager, Fortinet FortiClient EMS (CVE-2026-21643), SAP, VMware, and n8n: CVE Analysis, Exploitation, and Patch Guidance

May 19, 2026 Read →
Funnel Builder Plugin Vulnerability Exploited in WooCommerce Checkout Skimming Campaign; Security Patch Available
Active Exploitation Alert

Funnel Builder Plugin Vulnerability Exploited in WooCommerce Checkout Skimming Campaign; Security Patch Available

May 17, 2026 Read →
PoC Code Published for Critical NGINX and Ingress-NGINX Vulnerabilities (CVE-2026-42945 & CVE-2025-1974): Remote Code Execution Risk for Web Servers and Kubernetes Clusters
Active Exploitation Alert

PoC Code Published for Critical NGINX and Ingress-NGINX Vulnerabilities (CVE-2026-42945 & CVE-2025-1974): Remote Code Execution Risk for Web Servers and Kubernetes Clusters

May 17, 2026 Read →
OpenAI macOS Apps Targeted in TanStack Supply Chain Attack: Two Employee Devices Compromised, Urgent Updates Required
Cybersecurity Incident Analysis

OpenAI macOS Apps Targeted in TanStack Supply Chain Attack: Two Employee Devices Compromised, Urgent Updates Required

May 17, 2026 Read →
OpenAI macOS Products Impacted by TanStack Supply Chain Attack via Mini Shai-Hulud Malware in TeamPCP Campaign
Cybersecurity Incident Analysis

OpenAI macOS Products Impacted by TanStack Supply Chain Attack via Mini Shai-Hulud Malware in TeamPCP Campaign

May 17, 2026 Read →
Kazuar Backdoor Evolution: How Secret Blizzard Transformed Kazuar into a Modular P2P Botnet Targeting Government and Enterprise Systems
Technology

Kazuar Backdoor Evolution: How Secret Blizzard Transformed Kazuar into a Modular P2P Botnet Targeting Government and Enterprise Systems

May 17, 2026 Read →
Grafana Labs GitHub Actions Breach: Code Repositories Accessed and Extortion Attempted via Misconfigured CI/CD Workflow
Cybersecurity Incident Analysis

Grafana Labs GitHub Actions Breach: Code Repositories Accessed and Extortion Attempted via Misconfigured CI/CD Workflow

May 17, 2026 Read →
Claw Chain: Critical OpenClaw Vulnerabilities (CVE-2026-44112, 44113, 44115, 44118) Enable Data Theft, Privilege Escalation, and Persistent Access
CVE Analysis Center

Claw Chain: Critical OpenClaw Vulnerabilities (CVE-2026-44112, 44113, 44115, 44118) Enable Data Theft, Privilege Escalation, and Persistent Access

May 17, 2026 Read →
American Lending Center Ransomware Attack Exposes Sensitive Data of 123,158 Individuals: 2025 Data Breach Report
Cybersecurity Incident Analysis

American Lending Center Ransomware Attack Exposes Sensitive Data of 123,158 Individuals: 2025 Data Breach Report

May 17, 2026 Read →
CMMC is knocking on your door: What to do about it?
Compliance

CMMC is knocking on your door: What to do about it?

May 13, 2026 Read →
OpenAI Daybreak: Comprehensive Analysis of AI-Powered Vulnerability Detection, Patch Validation, and Supply Chain Security (2026 Report)
Technology

OpenAI Daybreak: Comprehensive Analysis of AI-Powered Vulnerability Detection, Patch Validation, and Supply Chain Security (2026 Report)

May 12, 2026 Read →
Škoda Auto Online Shop Data Breach Exposes Customer Information via E-Commerce Software Vulnerability
Cybersecurity Incident Analysis

Škoda Auto Online Shop Data Breach Exposes Customer Information via E-Commerce Software Vulnerability

May 12, 2026 Read →
CVE-2026-41940: Active Exploitation of cPanel/WHM Authentication Bypass to Deploy Filemanager Backdoor
Active Exploitation Alert

CVE-2026-41940: Active Exploitation of cPanel/WHM Authentication Bypass to Deploy Filemanager Backdoor

May 12, 2026 Read →
Checkmarx Jenkins AST Plugin Supply Chain Attack: TeamPCP Compromise Follows KICS Breach and Trivy Credential Theft
Cybersecurity Incident Analysis

Checkmarx Jenkins AST Plugin Supply Chain Attack: TeamPCP Compromise Follows KICS Breach and Trivy Credential Theft

May 12, 2026 Read →
Supply Chain Attack: Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware Targeting Developers and AI Tools
Cybersecurity Incident Analysis

Supply Chain Attack: Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware Targeting Developers and AI Tools

May 10, 2026 Read →
ShinyHunters Launches Second Major Attack on Instructure Canvas LMS via Free-For-Teacher Accounts: May 2026 Breach Analysis and Mitigation
Cybersecurity Incident Analysis

ShinyHunters Launches Second Major Attack on Instructure Canvas LMS via Free-For-Teacher Accounts: May 2026 Breach Analysis and Mitigation

May 10, 2026 Read →
Poland Water Treatment Plants ICS Breached by Russian and Belarusian APTs: 2025 Attack Exposes Critical Infrastructure Security Gaps
Cybersecurity Incident Analysis

Poland Water Treatment Plants ICS Breached by Russian and Belarusian APTs: 2025 Attack Exposes Critical Infrastructure Security Gaps

May 10, 2026 Read →
PamDOORa Linux Backdoor: How Malicious PAM Modules Steal SSH Credentials and Evade Detection in Enterprise Environments
Technology

PamDOORa Linux Backdoor: How Malicious PAM Modules Steal SSH Credentials and Evade Detection in Enterprise Environments

May 10, 2026 Read →
NVIDIA GeForce NOW Data Breach: Armenian Users’ Personal Information Exposed via GFN.am Partner System
Cybersecurity Incident Analysis

NVIDIA GeForce NOW Data Breach: Armenian Users’ Personal Information Exposed via GFN.am Partner System

May 10, 2026 Read →