News
Active Exploitation Alert: Microsoft Edge Hit by Stego Ad Malware via 119 Malicious Extensions Affecting Over 2.6 Million Users
2+ day, 11+ hour ago (207+ words) The C2 infrastructure was robust and resilient, utilizing over ten domains with automatic failover, traffic proxying via Cloudflare Workers, and GitHub Pages for beacon hosting. The C2 servers were configured to serve real payloads only to requests with correct fingerprints and User-Agent headers,…
Microsoft Extends Hotpatch Support for Windows Server 2022 Datacenter: Azure Edition Until October 2027 - Technical, Security, and Compliance Implications
2+ day, 11+ hour ago (274+ words) Publication Date: June 2026. The standout feature of hotpatching is its capacity to minimize downtime by applying updates without rebooting the server. This capability is not available in standard editions of Windows Server and is a unique differentiator for the Azure Edition.
Nissan Americas Employee Data Breach Analysis: Oracle PeopleSoft Zero-Day (CVE-2026-35273) Exploitation and Supply Chain Risks
2+ day, 11+ hour ago (168+ words) The affected product is Oracle PeopleSoft PeopleTools, specifically instances vulnerable to CVE-2026-35273. The exploitation window was from May 27 to June 9, 2026, as confirmed by technical analysis and vendor advisories. Nissan's breach notification was filed on June 25, 2026, and public reporting…
Klue Supply Chain Breach Exposes OAuth Tokens and Salesforce Data in Multi-Stage Cybersecurity Incident (June 2026)
3+ day, 12+ hour ago (470+ words) A secondary compromise occurred when another unauthorized party gained access to the same stolen data and initiated a new extortion campaign, further complicating the incident and increasing the risk of additional data exposure. Technical analysis and attribution are supported by…
Active Exploitation Alert: Miasma Malware Campaign Targets npm Packages and GitHub Actions in Major Supply Chain Attack
3+ day, 12+ hour ago (429+ words) The Miasma malware campaign represents a critical escalation in supply chain attacks targeting the JavaScript ecosystem, specifically npm packages and…
KDDI Email System Breach Exposes Up to 14.2 Million Credentials Across Six Japanese ISPs
3+ day, 12+ hour ago (447+ words) Upon detection, KDDI implemented immediate technical countermeasures, including blocking the attacker and modifying the affected system to prevent further damage. The company also began a coordinated response with the affected ISPs and notified Japan's Personal Information Protection Commission and the Ministry…
Active Phishing Campaign Exploits Calendly and Photo ZIP Files to Target Hotels with Node.js Malware - Microsoft Alerts Hospitality Sector - Rescana
3+ day, 12+ hour ago (266+ words) The threat actors behind this campaign remain unattributed as of June 2026. Their operational sophistication is evidenced by the use…
Active Exploitation Alert: Cisco Catalyst SD-WAN Zero-Day (CVE-2026-20245) Enables Root Access via Authenticated File Upload Exploit - Rescana
1+ week, 11+ hour ago (159+ words) Once root access is achieved, attackers can modify device configurations, push unauthorized changes to edge devices, and establish persistent access. The attack vector is local in the sense that it requires authenticated access, but in practice, attackers often chain this…
FortiBleed Credential Harvesting Campaign: Active Exploitation of FortiGate Firewalls Compromises Over 110 Million Credentials
1+ week, 11+ hour ago (619+ words) The FortiBleed campaign represents a highly sophisticated, large-scale credential harvesting operation targeting FortiGate firewalls globally. Since early 2026, a Russian-speaking, financially motivated Initial…
GitHub Actions Updates Checkout to Block Forked Pull Request Supply Chain Attacks in CI/CD Workflows
1+ week, 11+ hour ago (533+ words) Publication Date: June 18, 2026. The recent update to GitHub's actions/checkout action marks a significant advancement in the security of continuous integration…