Skip to main content

Tag: cloud security

258 articles

Dimly lit cloud server room with rows of server racks and a single out-of-focus server screen in the foreground.

PCPJack Hijacks Cloud Servers for Covert SMTP Relay Network

Security firm Hunt.io uncovered a sneaky operation where hackers known as PCPJack hijacked cloud servers worldwide, turning them into secret SMTP relays that pumped out spam every five minutes. The stolen servers, found in major cloud platforms like AWS, Google Cloud, and Azure, were quietly converted into spam-spewing machines.

Analyst 207
Damaged server racks and equipment in a dimly lit data center with scattered cables and destroyed infrastructure.

AI Cyberattacks Expose Need to Rethink Resiliency

Cyberattacks are no longer just about stealing data - they're now aimed at taking over entire virtual environments, wiping out all data and leaving businesses in a state of digital darkness. The game has changed, and it's time to rethink our approach to resiliency.

Analyst 207
Professionals in a control room discuss around a large table with empty screens.

Anthropic Expands Vulnerability Detection Program to Critical Infrastructure Firms

Anthropic's expanded Vulnerability Detection Program is helping protect critical infrastructure firms from cyber threats, having already uncovered over 10,000 high-risk software vulnerabilities since April. The program, known as Project Glasswing, now includes 150 organizations across 15 countries.

Analyst 207
Rows of computer servers and storage units in a dimly-lit server room with a single server in the foreground.

Container Escapes Fuel Supply Chain Attacks on Cloud Infrastructures

Containers can quickly become a gateway to your entire cloud infrastructure if vulnerable to attacks, with hackers exploiting flaws like CVE-2019-5736, CVE-2022-0492, and CVE-2024-21626 to break free from isolated environments and wreak havoc on your host system. There are five key entry points for container attacks, including vulnerabilities, misconfigurations, and supply chain threats.

Analyst 207
Developer workstation with open laptop showing code, surrounded by empty coffee cups and scattered notes, hinting at a…

Miasma Supply Chain Attack Targets Red Hat npm Packages

A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.

Analyst 207
Developer workspace with laptop, terminal, and notes, hint of cloud diagram in background.

Malicious npm Packages Target Cloud Credentials

Malicious actors are targeting cloud credentials by publishing fake npm packages that mimic popular projects, allowing them to infiltrate developer environments and gain access to sensitive AWS and Elastic credentials. In just four hours, a single attacker published 14 malicious packages using cleverly disguised names.

Analyst 207
Software development workstation with Docker interface on laptop and monitor, surrounded by tools and notes.

Docker Images Expose Hidden Vulnerabilities

Docker containers are a top target for attackers, with a recent analysis of 100 popular Docker Hub images revealing that 64 contained critical flaws due to outdated software versions. Only one in ten images was fully up to date, leaving a vast majority vulnerable to predictable and dangerous exposures.

Analyst 207
Person working on laptop in modern office with dashboard on screen.

Snowflake Bolsters AI Security with Natoma Acquisition

Snowflake is supercharging its AI security with the acquisition of Natoma, empowering users to tackle everyday tasks like sending emails and checking calendars without leaving Snowflake Intelligence or Coco. This move is part of Snowflake's vision for an "agentic control plane," where AI agents can take actions across business systems while keeping security controls firmly in place.

Analyst 207
Laptop and smartphone with blurred interfaces sit on a desk in a bright office space surrounded by paperwork.

Zapier Fixes Bug Chain That Exposed Millions to Account Takeover Risk

A security firm recently uncovered a chain of five weaknesses in popular workflow automation service Zapier that could have put millions of users at risk of account takeover - and thankfully, the issue has now been fixed. The vulnerabilities were surprisingly easy to exploit, requiring only a free Zapier account to potentially gain unauthorized access to user accounts.

Analyst 207
Blurred laptop in foreground, rows of servers in background, with out-of-focus cables and wires.

AI Agent Executes End-to-End Cyberattack in Under an Hour

In a chilling demonstration of speed and stealth, a sophisticated AI agent executed a devastating cyberattack from start to finish in under an hour, exploiting a vulnerable marimo notebook to gain code execution and ultimately exfiltrating a PostgreSQL database. This alarming intrusion highlights the lightning-fast potential of modern cyber threats.

Analyst 207
Cryptocurrency company workspace with laptop, notepad, and blurred calendar.

JINX-0164 Exploits Crypto Firms with Fake Recruiter Lures and macOS Malware

Meet JINX-0164, a cunning threat actor who's been targeting crypto developers with clever fake recruiter lures and custom macOS malware since mid-2025. By impersonating credible LinkedIn profiles and posing as recruiters, they've been tricking victims into virtual meetings that lead to rogue domains.

Analyst 207
Employees work at desks with laptops and smartphones, surrounded by papers and office supplies, with blurred software…

Managing Shadow AI Tools Requires a Proactive Security Approach

Employees are now using three to five AI tools daily, outpacing the controls in place to manage them, and creating a growing security gap that's hard to ignore. This surge in shadow AI tools is fueled by three key areas: OAuth connections, browser extensions, and bundled AI.

Analyst 207
Typical office setting with laptop on desk, surrounded by papers and supplies.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users

The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

Analyst 207
Rows of computer servers and networking equipment in a brightly-lit server room.

CISA Breach Exposes Sensitive Government Systems

A shocking security lapse at CISA exposed highly sensitive government systems, thanks to a contractor's careless mistake of leaving credentials to privileged AWS GovCloud accounts and internal systems publicly available on GitHub. The error granted unfettered access to a vast array of agency infrastructure, putting national security at risk.

Analyst 207
Unoccupied workstation with laptop and technical equipment in a brightly-lit server room.

Google API Keys Remain Usable for 23 Minutes After Deletion

Deleting a Google API key doesn't mean it's immediately useless to hackers - in fact, our experiments show it can remain active for up to 23 minutes, allowing attackers to continue misusing it even after you've tried to revoke access.

Analyst 207
Ordinary office setting with interconnected devices and a central computer screen displaying a blurred network map.

Identity Exposures Form Highways for Cyber Attacks

A single compromised identity can become a superhighway for cyber attacks, giving hackers access to nearly every critical workload a business relies on - as seen in a recent incident where a cached AWS access key on one Windows machine put 98% of the company's cloud environment at risk. Identity has become the ultimate attack path, carrying with it a multitude of permissions just waiting to be exploited.

Analyst 207
Computer screen displays GitHub repository on a clutter-free desk with scattered papers.

CISA Exposes Sensitive Data in Unsecured GitHub Repository

A shocking security lapse was uncovered when a GitGuardian researcher stumbled upon a public GitHub repository containing 844 MB of sensitive production infrastructure material from a national agency, left exposed for a staggering six months. This alarming data leak highlights the gravity of unsecured data, with expert Guillaume Valadon describing it as one of the most serious secrets leaks he's ever seen.

Analyst 207
Employees work at desks with laptops and computers in a bright, open office space with natural light and plants.

Enterprises Lose Visibility as AI Adoption Surges

As AI adoption surges in ANZ enterprises, a concerning gap is emerging: over half of organizations lack confidence in their ability to monitor and govern these new technologies, leaving them vulnerable to an expanding attack surface. AI agents and copilots are rolling out faster than security teams can keep up, creating a visibility blind spot that's hard to ignore.

Analyst 207
People in IT attire gathered around a touchscreen in a modern data center.

Bolstering AI Resilience Across Cloud and Data Environments

As AI agents and copilots increasingly access, share, and store enterprise data, organisations in Australia and New Zealand face a pressing question: can they keep their data secure and recoverable in this new landscape? The integration of agentic AI and copilots is expanding data pathways, creating new operational risks that demand attention to visibility, protection, and recovery readiness.

Analyst 207
Dimly lit server room with rows of humming servers and flickering screens, partially shrouded in shadow.

AI Adoption Exposes Identity Security Blind Spots

As organizations rapidly adopt AI, they're unwittingly creating a surge in non-human identities - like AI agents and machine identities - that are outpacing their ability to manage and secure them, leaving them vulnerable to new security risks. This blind spot is exposing companies to excessive privileges, unmanaged access, and orphaned accounts, threatening their security, compliance, and operations.

Analyst 207
Brightly lit computer workstation with Microsoft interface and cityscape background.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks

Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

Analyst 207
Empty computer workstation with laptop and papers in a neutral office setting, hint of coding workspace in background.

CISA Contractor Exposes AWS GovCloud Keys in GitHub Leak

A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) made a critical mistake by exposing sensitive AWS GovCloud keys, plaintext passwords, and internal files in a public GitHub repository. The leak, described as one of the worst ever witnessed, included highly privileged credentials and build artifacts for numerous internal CISA systems.

Analyst 207
Servers in a data center with cables, representing a secure cloud computing environment.

Microsoft Disputes Azure Vulnerability Report, Silent Patch Issued

Security researcher Justin O'Leary claims a critical flaw in Azure Backup for AKS could let users with zero Kubernetes permissions gain full cluster administration, but Microsoft disputes the finding. The tech giant quietly issued a patch without acknowledging the vulnerability.

Analyst 207
Cloud storage workstation with blank laptop screen and keyboard, symbolizing a data breach.

ShinyHunters Fuel Surge in Data Leaks

Meet the ShinyHunters, a notorious group behind a surge in public data leaks, who team up with The Com to scam victims out of cloud system access and then hold their data for ransom. This duo's alarming tactic has resulted in a steady stream of sensitive information being dumped into the public domain.

Analyst 207