News
Active Exploitation Alert: Indirect Prompt Injection Attacks Target AI Agents to Facilitate Unauthorized Cryptocurrency Payments
4+ hour, 10+ min ago (195+ words) Prompt injection'is a class of attacks where adversaries embed hidden or obfuscated instructions within content that is likely to be ingested by AI agents. In the context of cryptocurrency payment fraud, attackers use indirect prompt injection (IPI)'to target AI…...
Medtronic Corporate IT Data Breach 2026: Shiny Hunters Attack Exposes 3. 8 Million Records
2+ day, 10+ hour ago (230+ words) The attack vector is assessed to be credential compromise and cloud exploitation, consistent with Shiny Hunters" historical tactics, techniques, and procedures (TTPs). These include phishing, OAuth token theft, and exploitation of cloud services such as Office 365 and AWS. However, the…...
Avalon Malware Framework: Advanced Modular Threat Leveraging Crown X Ransomware Targets Windows Systems and Supply Chain Security
2+ day, 10+ hour ago (509+ words) Rescana Avalon Malware Framework: Advanced Modular Threat Leveraging Crown X Ransomware Targets Windows Systems and Supply Chain Security Publication Date: July 2026 The emergence of the Avalon malware framework, featuring the internally named Crown X ransomware, marks a significant escalation in…...
Open Claw Skill Marketplace: Security Risks and Supply Chain Threats in Agentic AI Platforms
2+ day, 10+ hour ago (575+ words) Rescana Open Claw Skill Marketplace: Security Risks and Supply Chain Threats in Agentic AI Platforms Publication Date: June 2026 The rapid evolution of agentic AI platforms has introduced both unprecedented opportunities and significant risks to enterprise environments. Open Claw, an open-source…...
Active Exploitation Alert: Microsoft Edge Hit by Stego Ad Malware via 119 Malicious Extensions Affecting Over 2. 6 Million Users
1+ week, 8+ hour ago (207+ words) The C2infrastructure was robust and resilient, utilizing over ten domains with automatic failover, traffic proxying via Cloudflare Workers, and Git Hub Pagesfor beacon hosting. The C2 servers were configured to serve real payloads only to requests with correct fingerprints and User-Agent headers,…...
Microsoft Extends Hotpatch Support for Windows Server 2022 Datacenter: Azure Edition Until October 2027 " Technical, Security, and Compliance Implications
1+ week, 8+ hour ago (274+ words) Publication Date: June 2026 The standout feature of hotpatching is its capacity to minimize downtime by applying updates without rebooting the server. This capability is not available in standard editions of Windows Server'and is a unique differentiator for the Azure Edition....
Nissan Americas Employee Data Breach Analysis: Oracle People Soft Zero-Day (CVE-2026-35273) Exploitation and Supply Chain Risks
1+ week, 8+ hour ago (168+ words) The affected product is Oracle People Soft People Tools, specifically instances vulnerable to CVE-2026-35273. The exploitation window was from May 27 to June 9, 2026, as confirmed by technical analysis and vendor advisories. Nissan's breach notification was filed on June 25, 2026, and public reporting…...
KDDI Email System Breach Exposes Up to 14. 2 Million Credentials Across Six Japanese ISPs
1+ week, 1+ day ago (447+ words) Upon detection, KDDI'implemented immediate technical countermeasures, including blocking the attacker and modifying the affected system to prevent further damage. The company also began a coordinated response with the affected ISPs and notified Japan's Personal Information Protection Commission and the Ministry…...
Active Phishing Campaign Exploits Calendly and Photo ZIP Files to Target Hotels with Node. js Malware " Microsoft Alerts Hospitality Sector " Rescana
1+ week, 1+ day ago (266+ words) Active Phishing Campaign Exploits Calendly and Photo ZIP Files to Target Hotels with Node. js Malware " Microsoft Alerts Hospitality Sector Rescana The threat actors behind this campaign remain unattributed as of June 2026. Their operational sophistication is evidenced by the use…...
Active Exploitation Alert: Cisco Catalyst SD-WAN Zero-Day (CVE-2026-20245) Enables Root Access via Authenticated File Upload Exploit " Rescana
1+ week, 5+ day ago (159+ words) Once root access is achieved, attackers can modify device configurations, push unauthorized changes to edge devices, and establish persistent access. The attack vector is local in the sense that it requires authenticated access, but in practice, attackers often chain this…...