Tag: cloud security
258 articles

PCPJack Hijacks Cloud Servers for Covert SMTP Relay Network
Security firm Hunt.io uncovered a sneaky operation where hackers known as PCPJack hijacked cloud servers worldwide, turning them into secret SMTP relays that pumped out spam every five minutes. The stolen servers, found in major cloud platforms like AWS, Google Cloud, and Azure, were quietly converted into spam-spewing machines.

AI Cyberattacks Expose Need to Rethink Resiliency
Cyberattacks are no longer just about stealing data - they're now aimed at taking over entire virtual environments, wiping out all data and leaving businesses in a state of digital darkness. The game has changed, and it's time to rethink our approach to resiliency.

Anthropic Expands Vulnerability Detection Program to Critical Infrastructure Firms
Anthropic's expanded Vulnerability Detection Program is helping protect critical infrastructure firms from cyber threats, having already uncovered over 10,000 high-risk software vulnerabilities since April. The program, known as Project Glasswing, now includes 150 organizations across 15 countries.

Container Escapes Fuel Supply Chain Attacks on Cloud Infrastructures
Containers can quickly become a gateway to your entire cloud infrastructure if vulnerable to attacks, with hackers exploiting flaws like CVE-2019-5736, CVE-2022-0492, and CVE-2024-21626 to break free from isolated environments and wreak havoc on your host system. There are five key entry points for container attacks, including vulnerabilities, misconfigurations, and supply chain threats.

Miasma Supply Chain Attack Targets Red Hat npm Packages
A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.

Malicious npm Packages Target Cloud Credentials
Malicious actors are targeting cloud credentials by publishing fake npm packages that mimic popular projects, allowing them to infiltrate developer environments and gain access to sensitive AWS and Elastic credentials. In just four hours, a single attacker published 14 malicious packages using cleverly disguised names.

Docker Images Expose Hidden Vulnerabilities
Docker containers are a top target for attackers, with a recent analysis of 100 popular Docker Hub images revealing that 64 contained critical flaws due to outdated software versions. Only one in ten images was fully up to date, leaving a vast majority vulnerable to predictable and dangerous exposures.

Snowflake Bolsters AI Security with Natoma Acquisition
Snowflake is supercharging its AI security with the acquisition of Natoma, empowering users to tackle everyday tasks like sending emails and checking calendars without leaving Snowflake Intelligence or Coco. This move is part of Snowflake's vision for an "agentic control plane," where AI agents can take actions across business systems while keeping security controls firmly in place.

Zapier Fixes Bug Chain That Exposed Millions to Account Takeover Risk
A security firm recently uncovered a chain of five weaknesses in popular workflow automation service Zapier that could have put millions of users at risk of account takeover - and thankfully, the issue has now been fixed. The vulnerabilities were surprisingly easy to exploit, requiring only a free Zapier account to potentially gain unauthorized access to user accounts.

AI Agent Executes End-to-End Cyberattack in Under an Hour
In a chilling demonstration of speed and stealth, a sophisticated AI agent executed a devastating cyberattack from start to finish in under an hour, exploiting a vulnerable marimo notebook to gain code execution and ultimately exfiltrating a PostgreSQL database. This alarming intrusion highlights the lightning-fast potential of modern cyber threats.

JINX-0164 Exploits Crypto Firms with Fake Recruiter Lures and macOS Malware
Meet JINX-0164, a cunning threat actor who's been targeting crypto developers with clever fake recruiter lures and custom macOS malware since mid-2025. By impersonating credible LinkedIn profiles and posing as recruiters, they've been tricking victims into virtual meetings that lead to rogue domains.

Managing Shadow AI Tools Requires a Proactive Security Approach
Employees are now using three to five AI tools daily, outpacing the controls in place to manage them, and creating a growing security gap that's hard to ignore. This surge in shadow AI tools is fueled by three key areas: OAuth connections, browser extensions, and bundled AI.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users
The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

CISA Breach Exposes Sensitive Government Systems
A shocking security lapse at CISA exposed highly sensitive government systems, thanks to a contractor's careless mistake of leaving credentials to privileged AWS GovCloud accounts and internal systems publicly available on GitHub. The error granted unfettered access to a vast array of agency infrastructure, putting national security at risk.

Google API Keys Remain Usable for 23 Minutes After Deletion
Deleting a Google API key doesn't mean it's immediately useless to hackers - in fact, our experiments show it can remain active for up to 23 minutes, allowing attackers to continue misusing it even after you've tried to revoke access.

Identity Exposures Form Highways for Cyber Attacks
A single compromised identity can become a superhighway for cyber attacks, giving hackers access to nearly every critical workload a business relies on - as seen in a recent incident where a cached AWS access key on one Windows machine put 98% of the company's cloud environment at risk. Identity has become the ultimate attack path, carrying with it a multitude of permissions just waiting to be exploited.

CISA Exposes Sensitive Data in Unsecured GitHub Repository
A shocking security lapse was uncovered when a GitGuardian researcher stumbled upon a public GitHub repository containing 844 MB of sensitive production infrastructure material from a national agency, left exposed for a staggering six months. This alarming data leak highlights the gravity of unsecured data, with expert Guillaume Valadon describing it as one of the most serious secrets leaks he's ever seen.

Enterprises Lose Visibility as AI Adoption Surges
As AI adoption surges in ANZ enterprises, a concerning gap is emerging: over half of organizations lack confidence in their ability to monitor and govern these new technologies, leaving them vulnerable to an expanding attack surface. AI agents and copilots are rolling out faster than security teams can keep up, creating a visibility blind spot that's hard to ignore.

Bolstering AI Resilience Across Cloud and Data Environments
As AI agents and copilots increasingly access, share, and store enterprise data, organisations in Australia and New Zealand face a pressing question: can they keep their data secure and recoverable in this new landscape? The integration of agentic AI and copilots is expanding data pathways, creating new operational risks that demand attention to visibility, protection, and recovery readiness.

AI Adoption Exposes Identity Security Blind Spots
As organizations rapidly adopt AI, they're unwittingly creating a surge in non-human identities - like AI agents and machine identities - that are outpacing their ability to manage and secure them, leaving them vulnerable to new security risks. This blind spot is exposing companies to excessive privileges, unmanaged access, and orphaned accounts, threatening their security, compliance, and operations.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks
Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

CISA Contractor Exposes AWS GovCloud Keys in GitHub Leak
A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) made a critical mistake by exposing sensitive AWS GovCloud keys, plaintext passwords, and internal files in a public GitHub repository. The leak, described as one of the worst ever witnessed, included highly privileged credentials and build artifacts for numerous internal CISA systems.

Microsoft Disputes Azure Vulnerability Report, Silent Patch Issued
Security researcher Justin O'Leary claims a critical flaw in Azure Backup for AKS could let users with zero Kubernetes permissions gain full cluster administration, but Microsoft disputes the finding. The tech giant quietly issued a patch without acknowledging the vulnerability.

ShinyHunters Fuel Surge in Data Leaks
Meet the ShinyHunters, a notorious group behind a surge in public data leaks, who team up with The Com to scam victims out of cloud system access and then hold their data for ransom. This duo's alarming tactic has resulted in a steady stream of sensitive information being dumped into the public domain.