top of page
.png){kind=logo}
SonicWall SSL VPN Vulnerability Exploited by Akira Ransomware: Comprehensive Analysis of Misconfigurations and Critical Exploits
Executive Summary This advisory report presents a comprehensive technical analysis of the critical vulnerability discovered in SonicWall...
Sep 117 min read
US Offers $10M Reward for Ukrainian Ransomware Operator Targeting Critical Infrastructure Systems
Executive Summary Publication Date: Oeptember 10, 2025 In an unprecedented effort to counter the rapid evolution of cyber threats and to...
Sep 106 min read
Fortinet FortiGate, Ivanti Connect Secure, and Nvidia GPU Driver Security Updates: In-Depth Vulnerability Exploitation and Mitigation Analysis
Executive Summary In recent weeks, major industry players have taken proactive measures to secure their networks by releasing critical...
Sep 107 min read
Mitigating CVE-2025-54236: Addressing Adobe Commerce's Critical Input Sanitization Flaw for Customer Account Hijacking
Executive Summary The recent discovery of CVE-2025-54236 in Adobe Commerce has unveiled a sophisticated vulnerability that allows...
Sep 107 min read
NPM Supply Chain Attack: In-Depth Analysis of the Whimper Exploit on Debug and Chalk Packages
Executive Summary Publication Date: September 8, 2025. The incident, dubbed the Whimper Attack , involved a significant breach in the npm...
Sep 106 min read
Critical SAP NetWeaver (CVSS 10) and SAP S/4HANA Vulnerabilities: APT Exploitation and Urgent Patching Strategies
Executive Summary Recent threat intelligence highlights the alarming exploitation of critical vulnerabilities within SAP NetWeaver and...
Sep 107 min read
Wealthsimple Supply Chain Attack: How Third-Party Software Vulnerabilities Compromised the Wealthsimple Platform
Executive Summary Publication Date: September 09, 2025. The incident involving Wealthsimple , a leading Canadian fintech firm,...
Sep 96 min read
MostereRAT Malware on Windows: Advanced Process Injection and Security Tool Blocking Uncovered
Executive Summary Publication Date: September 09, 2025. The MostereRAT malware represents an evolution in the Remote Access Trojan (RAT)...
Sep 97 min read
Salesloft GitHub Account Compromise: Detailed Analysis of Internal Credential Breach and Mitigation Strategies
Executive Summary Publication Date: September 9, 2025. The incident involving the breach of Salesloft via a compromised GitHub account...
Sep 96 min read
GhostAction GitHub Supply Chain Attack: Hackers Steal 3,325 Secrets from a Critical CI/CD Repository
Executive Summary Publication Date: September 09, 2025 The GhostAction GitHub supply chain attack is a sophisticated breach that...
Sep 98 min read
Czech Cyber Agency Warns: Chinese Tech Vulnerabilities in Critical Infrastructure Systems and Supply Chains
Executive Summary and Publication Date Publication Date: September 08, 2025 In this report, we examine the recent warning issued by a...
Sep 83 min read
Over 6,700 Private Repositories Exposed in Nx Supply Chain Attack: Misconfigured Access Controls Exploited
Executive Summary Publication Date: September 08, 2025. This advisory addresses the security incident involving the exposure of over...
Sep 88 min read
Rescana Cybersecurity Report: Grok AI Exploits, US Manufacturing Attacks, and Gmail Security Debunked
Executive Summary Publication Date: September 05, 2025 Rescana presents this comprehensive cybersecurity advisory report that examines...
Sep 56 min read
VirusTotal Exposes 44 Undetected SVG Files Leveraging Base64 Encoding to Deploy Phishing Pages on Web Browsers
Executive Summary Publication Date: September 05, 2025 In a recent groundbreaking investigation, VirusTotal has identified 44 undetected...
Sep 58 min read
SAP S/4HANA CVE-2025-42957 Critical Vulnerability Analysis: Exploitation in the Wild, Impact, and Mitigation Strategies
Executive Summary This advisory report provides an in-depth analysis of the critical CVE-2025-42957 vulnerability affecting SAP S/4HANA ...
Sep 57 min read
Sangoma Patches Critical FreePBX Zero-Day Vulnerability Exploited by Hackers – In-Depth Cybersecurity Report
1. Executive Summary Recent security bulletins have drawn attention to a critical zero-day vulnerability affecting FreePBX servers, which...
Sep 33 min read
Salesloft Drift Supply Chain Attack Exposes Zscaler & Palo Alto Networks: Technical Analysis and Mitigation Strategies
Executive Summary Publication Date: October 03, 2025. The incident involving the breach of Zscaler and Palo Alto Networks via the...
Sep 36 min read
Cloudflare Supply Chain Attack: In-Depth Analysis of the Salesloft Drift Compromise Impacting API Credentials
Executive Summary Publication Date: August 21, 2025. On August 21, 2025, Cloudflare confirmed that it had experienced a supply chain...
Sep 37 min read
MystRodX Backdoor Exploits DNS and ICMP to Compromise NetGear ProSafe Series Networks
Executive Summary Recent research conducted by our Rescana Cyber Security Research Team has revealed that the sophisticated MystRodX ...
Sep 38 min read
In-Depth Analysis of TP-Link Firmware and WhatsApp Vulnerabilities Added to the CISA KEV Catalog
Executive Summary In September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited...
Sep 37 min read
bottom of page