Rescana Blog
1070 posts | Page 1 of 45
Cybersecurity Incident Analysis
France Titres (ANTS) Identity Portal Breach: Massive IDOR Vulnerability Exposes Millions of French Citizen Records in 2026 Cyberattack
Active Exploitation Alert
Active Exploitation Alert: CVE-2026-42271 and CVE-2026-48710—Unauthenticated RCE in LiteLLM AI Gateway via Starlette Host Header Bypass
Active Exploitation Alert
Active Exploitation Alert: Hades PyPI Supply Chain Attack Poisons 19 Python Packages with Bun-Based Credential Stealer
Cybersecurity Incident Analysis
SoFi Hong Kong Third-Party Data Breach Exposes Customer Information: Cybersecurity Incident Analysis and Lessons Learned
Active Exploitation Alert
Active Exploitation Alert: Shai-Hulud Supply Chain Attack Compromises 100+ NPM and PyPI Packages with Self-Spreading Malware
Cybersecurity Incident Analysis
Silent Ransom Group (Luna Moth) Extortion Attacks Target US Law Firms via Remote Access Tools and Social Engineering
Active Exploitation Alert
Active Exploitation of WinRAR CVE-2025-8088 by Russia-Aligned APTs Targets Ukrainian Government with Advanced Stealer Malware
Active Exploitation Alert
CISA Issues 3-Day Emergency Directive to Patch Check Point VPN Zero-Day (CVE-2024-24919) Amid Active Qilin Ransomware Exploitation
Active Exploitation Alert
Active Exploitation Alert: Google Chrome Zero-Day CVE-2026-5281 Actively Exploited via Dawn WebGPU – Urgent Patch Required
Cybersecurity Incident Analysis
Nitrogen Ransomware Attack on Foxconn: Malvertising Threats, ESXi Vulnerability, and Supply Chain Risks in Manufacturing
Active Exploitation Alert
Active Exploitation Alert: Cisco Catalyst SD-WAN Manager CVE-2026-20245 Zero-Day Under Attack With No Patch Available
Active Exploitation Alert
Active Exploitation of Dover Fueling Solutions and OPW Automatic Tank Gauge Systems Exposes US Fuel Infrastructure to Iranian APT Attacks
CVE Analysis Center
Google Chrome 149 Security Update: Analysis of Record 429 Vulnerabilities Patched Across Windows, macOS, and Linux
Cybersecurity Incident Analysis
Miasma Worm Supply Chain Attack: 73 Microsoft GitHub Repositories Compromised via AI Coding Tools
Cybersecurity Incident Analysis
DentaQuest Data Breach Analysis: ShinyHunters Leak Exposes PII and PHI of 2.6 Million Members in 2026
Active Exploitation Alert
Active Exploitation Alert: FIFA World Cup 2026 Targeted by Fake Ticket Sites, Banking Malware, and Credential Theft
Active Exploitation Alert
Active Exploitation of Critical CVE-2026-3300 Vulnerability in Everest Forms Pro Plugin Threatens WordPress Sites Globally
Email Security
Cyber Espionage Attack: Five-Month Compromise of Stock Exchange Executive’s Outlook Mailbox via Covert Cloud Exfiltration
Active Exploitation Alert
Active Exploitation Alert: Fake Open-Source Software Sites Dominate Google Search to Distribute Malware via Advanced TDS
Active Exploitation Alert
Active Exploitation Alert: Critical VS Code Zero-Day Enables One-Click GitHub Token Theft and Massive Internal Repository Breach
Cybersecurity Incident Analysis
Critical Supply Chain Attack Compromises 32 Red Hat @redhat-cloud-services NPM Packages with Credential-Stealing Malware
Active Exploitation Alert
Active Exploitation Alert: Palo Alto Networks PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Cybersecurity Incident Analysis
Miasma Supply Chain Attack Compromises Red Hat @redhat-cloud-services npm Packages With Credential-Stealing Worm: Cybersecurity Incident Analysis and Mitigation
Active Exploitation Alert