1+ hour, 18+ min ago  (646+ words) Rescana Shiny Hunters Exploits Oracle People Soft Zero-Day CVE-2026-35273 in Widespread Higher Education Cyberattack Between late May and early June 2026, the notorious threat actor group Shiny Hunters executed a highly coordinated cyberattack campaign targeting the higher education sector by exploiting…...

1+ hour, 23+ min ago  (235+ words) The technical impact of the incident is limited to the exposure of customer billing data and potential privacy concerns. There is no evidence of data destruction, encryption, or disruption to water production or delivery systems. The primary impact is reputational…...

2+ day, 13+ hour ago  (638+ words) Rescana The advanced persistent threat group Ocean Lotus (also known as APT32), long associated with cyber-espionage in Southeast Asia, has recently pivoted to domestic targeting within Vietnam. Leveraging a newly identified backdoor named SPECTRALVIPER, Ocean Lotus executed a sophisticated supply chain…...

2+ day, 15+ hour ago  (610+ words) Rescana Gentlemen Ransomware Actively Exploiting Fortinet Forti Gate Vulnerabilities: 478 Victims Hit by Rapid Worm-Like Attacks The Gentlemen ransomware has rapidly established itself as a formidable threat in the global cyber landscape, with at least 478 confirmed victims spanning 66 countries and over…...

2+ week, 2+ day ago  (827+ words) Legacy system exploitation allowed unauthorized access to databases and platforms described as "obsolete" but still accessible. This indicates poor decommissioning practices and a lack of network segmentation, enabling attackers to reach sensitive data repositories. Third-party vendor compromise was a critical…...

1+ mon, 3+ day ago  (475+ words) Technical Evidence: According to the ABW report and corroborating media sources, attackers accessed administrator accounts and altered settings linked to pumps and alarms. In several cases, they could modify device operating parameters in real time, creating a direct and concrete…...

1+ mon, 3+ day ago  (595+ words) Rescana Supply Chain Attack: Fake Open AI Repository on Hugging Face Distributes Infostealer Malware Targeting Developers and AI Tools Cybersecurity researchers uncovered a sophisticated supply chain attack leveraging a fake Open AI repository on the Hugging Face platform to distribute…...

1+ mon, 1+ week ago  (430+ words) The breach did not compromise uploaded video content, account credentials (such as passwords), or payment card information. Vimeo's operational systems remained unaffected, and there was no disruption to platform services. The attackers, Shiny Hunters, subsequently listed Vimeo'on their extortion portal…...

1+ mon, 1+ week ago  (565+ words) From patch management to outfit management (OFMa) Shay shabtai, Rescana Chief Strategy Officer It's good enough but not enough The best of the best of the Cyber Security ecosystem has gathered together to publish an Expedited Strategy Briefing'on the AI…...

2+ mon, 3+ week ago  (361+ words) Rescana Yes, subscribe me to your newsletter. The emergence of the Leak Net ransomware campaign marks a significant escalation in the sophistication of ransomware operations targeting enterprise environments. This campaign leverages the Click Fix social engineering technique to gain initial…...