10 articles tagged with "Cloud Security"
European Commission announces Chips Act 2.0 and Cloud and AI Development Act to reduce reliance on US cloud giants and Chinese telecom vendors. Four-tier trust framework for cloud services incoming.
Threat actor PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a hidden email relay network. Hunt.io and SentinelOne researchers expose the operation.
CVE-2026-41283 enables unauthenticated remote code execution on OpenStack Mistral through 22.0.0. Trivial exploitation when API is network-accessible.
SentinelLABS uncovers PCPJack, a credential-stealing worm that removes TeamPCP infections before harvesting API keys from Docker, Kubernetes, and cloud services. Five CVEs enable worm-like spread.
AiTM and token theft attacks hit 40,000 daily incidents in 2026. CISA warns OAuth tokens bypass MFA, enabling invisible lateral movement across SaaS apps.
Check Point tracks an Iran-nexus campaign targeting Microsoft 365 accounts across 300+ Israeli organizations and 25+ UAE entities. Attackers use Tor exit nodes and Israeli VPNs to evade detection.
Hackers compromised the European Commission's Amazon cloud infrastructure, claiming to steal 350GB of data including employee databases. Investigation ongoing.
Cloud-native worm campaign by TeamPCP has compromised 60,000+ servers by exploiting Docker APIs, Kubernetes, and React2Shell. Flare researchers detail the industrialized operation.
New Linux botnet SSHStalker infected 7,000 cloud servers using brute-force SSH attacks and 2009-era kernel exploits. Uses IRC for command-and-control while apparently staging for future operations.
Check Point researchers expose a sophisticated cloud-native malware framework designed from the ground up to target AWS, Azure, GCP, and containerized environments.