Tag: Cloud Security

Security researchers report malicious Docker images and VS Code extensions tied to Checkmarx supply chain compromise, exposing developer credentials, cloud tokens, and CI/CD secrets through multi-stage malware and npm propagation.

Cisco Talos reports threat actors abusing n8n webhooks to deliver malware, run phishing campaigns, and fingerprint devices using trusted cloud infrastructure.

VaporVM announces a strategic partnership with France based Cybi to deliver AI powered cybersecurity solutions, threat prediction, and compliance support across Middle East and Europe.

Salesforce warns of large scale scanning attempts targeting misconfigured Experience Cloud sites using a modified AuraInspector tool capable of extracting sensitive data from public endpoints.

Real world investigations show how AI powered SOC platforms can conduct multi source threat analysis, helping security teams detect credential compromise and advanced phishing attacks faster.

Researchers have uncovered nearly 3,000 publicly exposed Google Cloud API keys that gained unintended access to Gemini endpoints after API enablement, raising concerns over data exposure and unexpected billing charges.

RapidCompute completes PCI DSS version 4.0.1 certification through REDSECLABS, strengthening cardholder data protection and global payment security standards across its data center infrastructure.

Sangfor Technologies, in collaboration with NetSoft Solutions, hosted a customer security workshop in Lahore focused on Athena SecOps, MDR, XDR, and integrated cloud and network security solutions.

CrowdStrike Falcon is now available on Microsoft Marketplace with full Azure Consumption Commitment eligibility, strengthening collaboration between CrowdStrike and Microsoft Azure.

Cybersecurity researchers uncover the first known malicious Microsoft Outlook add in used to steal more than 4,000 Microsoft credentials through an abandoned domain takeover supply chain attack.

A misconfiguration in AWS CodeBuild allowed potential takeover of GitHub repositories including aws-sdk-js-v3, exposing cloud environments to supply chain risks. AWS has since remediated the issue.

Pakistan’s National Computer Emergency Team issues urgent advisory on CVE-2025-20286, a critical vulnerability in Cisco ISE cloud deployments that allows full access without a password.