News

Rescana
rescana. com > post > active-exploitation-alert-indirect-prompt-injection-attacks-target-ai-agents-to-facilitate-unauthorized-cryptocurrency-p

Active Exploitation Alert: Indirect Prompt Injection Attacks Target AI Agents to Facilitate Unauthorized Cryptocurrency Payments

5+ hour, 15+ min ago  (195+ words) Prompt injection'is a class of attacks where adversaries embed hidden or obfuscated instructions within content that is likely to be ingested by AI agents. In the context of cryptocurrency payment fraud, attackers use indirect prompt injection (IPI)'to target AI…...

Symbols: cwe-77,nasdaq:mstr
Rescana
rescana. com > post > active-exploitation-alert-north-korean-polinrider-supply-chain-attack-targets-npm-packagist-go-modules-and-chrome-extens

Active Exploitation Alert: North Korean Polin Rider Supply Chain Attack Targets npm, Packagist, Go Modules, and Chrome Extensions

2+ day, 11+ hour ago  (488+ words) Rescana Active Exploitation Alert: North Korean Polin Rider Supply Chain Attack Targets npm, Packagist, Go Modules, and Chrome Extensions The Polin Rider campaign represents a significant escalation in supply chain attacks orchestrated by North Korean threat actors, specifically those associated…...

Symbols: index.js
Rescana
rescana. com > post > medtronic-corporate-it-data-breach-2026-shinyhunters-attack-exposes-3-8-million-records

Medtronic Corporate IT Data Breach 2026: Shiny Hunters Attack Exposes 3. 8 Million Records

2+ day, 11+ hour ago  (230+ words) The attack vector is assessed to be credential compromise and cloud exploitation, consistent with Shiny Hunters" historical tactics, techniques, and procedures (TTPs). These include phishing, OAuth token theft, and exploitation of cloud services such as Office 365 and AWS. However, the…...

Symbols: googl.o,orcl.n
Rescana
rescana. com > post > avalon-malware-framework-advanced-modular-threat-leveraging-crownx-ransomware-targets-windows-systems-and-supply-chain-s

Avalon Malware Framework: Advanced Modular Threat Leveraging Crown X Ransomware Targets Windows Systems and Supply Chain Security

2+ day, 11+ hour ago  (509+ words) Rescana Avalon Malware Framework: Advanced Modular Threat Leveraging Crown X Ransomware Targets Windows Systems and Supply Chain Security Publication Date: July 2026 The emergence of the Avalon malware framework, featuring the internally named Crown X ransomware, marks a significant escalation in…...

Symbols: btc-usd,^n2250,eth-usd
Rescana
rescana. com > post > openclaw-skill-marketplace-security-risks-and-supply-chain-threats-in-agentic-ai-platforms

Open Claw Skill Marketplace: Security Risks and Supply Chain Threats in Agentic AI Platforms

2+ day, 11+ hour ago  (575+ words) Rescana Open Claw Skill Marketplace: Security Risks and Supply Chain Threats in Agentic AI Platforms Publication Date: June 2026 The rapid evolution of agentic AI platforms has introduced both unprecedented opportunities and significant risks to enterprise environments. Open Claw, an open-source…...

Symbols: soul.md
Rescana
rescana. com > post > active-exploitation-alert-microsoft-edge-hit-by-stegoad-malware-via-119-malicious-extensions-affecting-over-2-6-million

Active Exploitation Alert: Microsoft Edge Hit by Stego Ad Malware via 119 Malicious Extensions Affecting Over 2. 6 Million Users

1+ week, 9+ hour ago  (207+ words) The C2infrastructure was robust and resilient, utilizing over ten domains with automatic failover, traffic proxying via Cloudflare Workers, and Git Hub Pagesfor beacon hosting. The C2 servers were configured to serve real payloads only to requests with correct fingerprints and User-Agent headers,…...

Rescana
rescana. com > post > microsoft-extends-hotpatch-support-for-windows-server-2022-datacenter-azure-edition-until-october-2027-technical-securit

Microsoft Extends Hotpatch Support for Windows Server 2022 Datacenter: Azure Edition Until October 2027 " Technical, Security, and Compliance Implications

1+ week, 9+ hour ago  (274+ words) Publication Date: June 2026 The standout feature of hotpatching is its capacity to minimize downtime by applying updates without rebooting the server. This capability is not available in standard editions of Windows Server'and is a unique differentiator for the Azure Edition....

Symbols: druv.pvt,abbn.sw,d05.S0,u11.S0,z74.S0,cin.si
Rescana
rescana. com > post > nissan-americas-employee-data-breach-analysis-oracle-peoplesoft-zero-day-cve-2026-35273-exploitation-and-supply-chain-ri

Nissan Americas Employee Data Breach Analysis: Oracle People Soft Zero-Day (CVE-2026-35273) Exploitation and Supply Chain Risks

1+ week, 9+ hour ago  (168+ words) The affected product is Oracle People Soft People Tools, specifically instances vulnerable to CVE-2026-35273. The exploitation window was from May 27 to June 9, 2026, as confirmed by technical analysis and vendor advisories. Nissan's breach notification was filed on June 25, 2026, and public reporting…...

Symbols: btc-usd,cstr.v,aisx.v,nlr.cn,avl.ne,spod.cn
Rescana
rescana. com > post > klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026

Klue Supply Chain Breach Exposes OAuth Tokens and Salesforce Data in Multi-Stage Cybersecurity Incident (June 2026)

1+ week, 1+ day ago  (470+ words) A secondary compromise occurred when another unauthorized party gained access to the same stolen data and initiated a new extortion campaign, further complicating the incident and increasing the risk of additional data exposure. Technical analysis and attribution are supported by…...

Rescana
rescana. com > post > active-exploitation-alert-miasma-malware-campaign-targets-npm-packages-and-github-actions-in-major-supply-chain-attack

Active Exploitation Alert: Miasma Malware Campaign Targets npm Packages and Git Hub Actions in Major Supply Chain Attack

1+ week, 1+ day ago  (429+ words) Rescana Active Exploitation Alert: Miasma Malware Campaign Targets npm Packages and Git Hub Actions in Major Supply Chain Attack The Miasma malware campaign represents a critical escalation in supply chain attacks targeting the Java Script ecosystem, specifically npm packages and…...

Symbols: cat.py