Cloud Security

Amazon_web_services

UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours

Cybersecurity investigators have revealed that a threat actor identified as UNC6426 successfully breached a company’s cloud infrastructure within 72 hours by abusing credentials stolen during a software supply chain compromise involving the Nx npm package. According to findings published in the Google Cloud Threat Horizons Report H1 2026, the attacker initially obtained a developer’s GitHub token. This credential enabled […]

UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours Read More »

Looker Studio

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries

Cybersecurity researchers have uncovered a group of security vulnerabilities in Google Looker Studio that could have enabled attackers to run unauthorized SQL queries against victims’ databases and extract sensitive information across different organizations. The flaws, collectively named LeakyLooker, were identified by researchers from Tenable. The vulnerabilities could have exposed data across multiple environments within Google Cloud infrastructures. Google has confirmed that

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries Read More »

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled

A new security analysis has revealed that thousands of publicly exposed Google Cloud API keys could be misused to access sensitive Gemini AI endpoints once the Generative Language API is activated within a project. Researchers at Truffle Security identified nearly 3,000 Google API keys, recognizable by the prefix AIza, embedded in client side JavaScript code across websites.

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled Read More »

RoguePilot Vulnerability in GitHub Codespaces Allowed GitHub Copilot to Expose GITHUB_TOKEN

A now patched security flaw in GitHub Codespaces could have allowed attackers to hijack repositories by abusing Copilot through a malicious GitHub issue. The vulnerability, discovered by Orca Security, was named RoguePilot and responsibly disclosed to Microsoft. How the Attack Worked The weakness stemmed from how Codespaces integrates Copilot into developer workflows. When a user launches a

RoguePilot Vulnerability in GitHub Codespaces Allowed GitHub Copilot to Expose GITHUB_TOKEN Read More »

Study Reveals 25 Password Recovery Vulnerabilities in Leading Cloud Password Managers

A newly published academic study has revealed 25 distinct password recovery attacks affecting leading cloud-based password managers, including Bitwarden, Dashlane, and LastPass. Under specific threat conditions, these vulnerabilities could allow attackers to recover stored credentials or compromise organizational vaults. The research, conducted by academics from ETH Zurich and Università della Svizzera italiana, evaluated the security claims surrounding zero-knowledge encryption architectures implemented

Study Reveals 25 Password Recovery Vulnerabilities in Leading Cloud Password Managers Read More »

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms

As part of the latest Patch Tuesday cycle, more than 60 technology vendors have rolled out security updates addressing vulnerabilities affecting operating systems, cloud infrastructure, enterprise applications, and network devices. The coordinated wave of patches reflects the ongoing effort to strengthen cybersecurity defenses across global IT environments. Microsoft Addresses 59 Vulnerabilities Microsoft issued fixes for

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms Read More »

Mandiant Identifies ShinyHunters Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Google-owned Mandiant has reported a significant rise in threat activity involving sophisticated voice phishing operations designed to compromise cloud-based software-as-a-service platforms. The activity shows strong tradecraft similarities to extortion campaigns historically associated with the financially motivated cybercrime group known as ShinyHunters. These attacks rely on advanced vishing techniques combined with fake credential harvesting websites that

Mandiant Identifies ShinyHunters Style Vishing Attacks Stealing MFA to Breach SaaS Platforms Read More »

Researchers Discover 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries

Cybersecurity researchers have uncovered a large scale exposure of artificial intelligence infrastructure after identifying more than 175,000 publicly accessible Ollama AI servers operating across 130 countries. The findings come from a joint investigation conducted by SentinelOne SentinelLABS and Censys, which highlights the rapid growth of unmanaged AI compute environments on the public internet. According to

Researchers Discover 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries Read More »

Cloudflare Zero-Day Vulnerability Allows Any Host Access by Bypassing Security Protections

Security researchers have disclosed a critical zero-day flaw in Cloudflare’s Web Application Firewall that allowed attackers to bypass security rules and directly access origin servers that were supposed to be fully protected. The issue was identified by researchers from FearsOff, who discovered that HTTP requests sent to the /.well-known/acme-challenge/ path could reach backend servers even when customers

Cloudflare Zero-Day Vulnerability Allows Any Host Access by Bypassing Security Protections Read More »

AWS CodeBuild Misconfiguration Exposed GitHub Repositories to Potential Supply Chain Attacks

Cloud security researchers have revealed that a critical misconfiguration in AWS CodeBuild could have allowed attackers to fully compromise Amazon Web Services owned GitHub repositories, including the widely used AWS JavaScript SDK. The issue created a potential pathway for large scale supply chain attacks that could have impacted countless AWS customers. The vulnerability, named CodeBreach by cloud security firm Wiz,

AWS CodeBuild Misconfiguration Exposed GitHub Repositories to Potential Supply Chain Attacks Read More »