Cloud Security Archives • Page 4 of 6 • Daily CyberSecurity

The “WorkMail Pivot”: Hackers Abuse AWS WorkMail to Bypass SES Sandbox AWS WorkMail Abuse SES Sandbox Bypass

The “WorkMail Pivot”: Hackers Abuse AWS WorkMail to Bypass SES Sandbox

Do Son January 30, 2026

A new investigation by Rapid7 reveals that cybercriminals have found a clever way to bypass the strict...

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover CodeBreach Vulnerability AWS Supply Chain Attack

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover

Do Son January 17, 2026

A seemingly minor misconfiguration in a regular expression could have allowed attackers to seize control of critical...

OpenStack Admin Forgery: CVE-2026-22797 Lets Users ‘Ask’ for Root CVE-2022-38065 OpenStack Vulnerability CVE-2026-22797

OpenStack Admin Forgery: CVE-2026-22797 Lets Users ‘Ask’ for Root

Do Son January 16, 2026

A significant security flaw has been closed in the OpenStack cloud infrastructure project, specifically within its identity...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Do Son January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

Elastic Stack Under Fire: 7 New Flaws Expose Files & Crash Servers Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

Elastic Stack Under Fire: 7 New Flaws Expose Files & Crash Servers

Do Son January 14, 2026

Elastic has released a massive security update addressing seven distinct vulnerabilities across its ecosystem, urging administrators to...

AI Identity Theft: Critical ServiceNow Flaw (CVE-2025-12420) Allows Unauthenticated Impersonation ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

AI Identity Theft: Critical ServiceNow Flaw (CVE-2025-12420) Allows Unauthenticated Impersonation

Do Son January 13, 2026

A critical vulnerability has been uncovered in the ServiceNow AI Platform, potentially allowing unauthenticated attackers to masquerade...

CVE-2025-68926: Critical Hardcoded Credential Flaw Exposes RustFS Storage Clusters RustFS, Hardcoded Token (CVE-2025-68926)

CVE-2025-68926: Critical Hardcoded Credential Flaw Exposes RustFS Storage Clusters

Do Son January 2, 2026

RustFS, a distributed object storage system celebrated for leveraging the memory safety and performance of the Rust...

The AMX Lockdown: Critical KVM Bug Allows Guest VMs to Crash Linux Hosts Linus Torvalds AI bug reports Linux Kernel 7.0 Linux EFI Zboot - CVE-2022-42719 Linux KVM Intel AMX kernel panic, KVM guest host crash 2025

Linus Torvalds AI bug reports Linux Kernel 7.0 Linux EFI Zboot - CVE-2022-42719 Linux KVM Intel AMX kernel panic, KVM guest host crash 2025

The AMX Lockdown: Critical KVM Bug Allows Guest VMs to Crash Linux Hosts

Do Son December 25, 2025

An unpleasant flaw surfaced in Linux—one capable of causing serious headaches for server administrators, particularly in public...

Operation PCPcat: 60,000 Next.js Servers Hijacked in Just 48 Hours Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Operation PCPcat: 60,000 Next.js Servers Hijacked in Just 48 Hours

Do Son December 24, 2025

A highly automated and ruthlessly efficient cyber-espionage campaign is tearing through the cloud infrastructure of modern web...

Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining AWS Cryptojacking, Termination Protection

AWS Cryptojacking, Termination Protection

Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining

Do Son December 18, 2025

In a striking display of cloud-native tradecraft, cybercriminals have been caught turning legitimate AWS environments into illicit...

Salesforce Revokes Access Tokens: Gainsight App Breach May Have Exposed Customer Data Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Revokes Access Tokens: Gainsight App Breach May Have Exposed Customer Data

Do Son November 21, 2025

Salesforce has issued an urgent security alert after discovering unusual activity involving Gainsight-published applications connected to its...

Next-Gen Ransomware Targets AWS S3: Five Cloud-Native Variants Exploit Misconfigurations for Irreversible Data Destruction S3 Ransomware, Cloud-Native Extortion

Next-Gen Ransomware Targets AWS S3: Five Cloud-Native Variants Exploit Misconfigurations for Irreversible Data Destruction

Do Son November 20, 2025

A new report from Trend Research warns that ransomware operators are rapidly shifting their focus from traditional...

Google Launches Private AI Compute for Pixel 10, Blending Cloud Power with On-Device Privacy Private AI Compute, Gemini Cloud Privacy

Google Launches Private AI Compute for Pixel 10, Blending Cloud Power with On-Device Privacy

Do Son November 13, 2025

Google has announced the launch of a new cloud-based architecture called Private AI Compute, designed to enable...

CVE-2025-11919: Wolfram Cloud Vulnerability Exposes Users to Privilege Escalation and Remote Code Execution Wolfram Cloud RCE, Multi-Tenant JVM

CVE-2025-11919: Wolfram Cloud Vulnerability Exposes Users to Privilege Escalation and Remote Code Execution

Do Son November 13, 2025

A newly disclosed vulnerability in Wolfram Cloud version 14.2 — tracked as CVE-2025-11919 — could allow attackers...

HashiCorp Patches Vault Flaws: AWS Auth Bypass and Unauthenticated JSON DoS Vault AWS Auth Bypass, JSON DoS

HashiCorp Patches Vault Flaws: AWS Auth Bypass and Unauthenticated JSON DoS

Do Son October 27, 2025

Two high-severity vulnerabilities disclosed by HashiCorp could expose Vault deployments to denial-of-service (DoS) attacks and cross-account authentication...

Jingle Thief Cybercrime Gang Steals Hundreds of Thousands in Gift Card Fraud via Microsoft 365 Identity Abuse Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Jingle Thief Cybercrime Gang Steals Hundreds of Thousands in Gift Card Fraud via Microsoft 365 Identity Abuse

Do Son October 24, 2025

Palo Alto Networks’ Unit 42 has published an in-depth analysis of a financially motivated cyber campaign dubbed...

Privilege Escalation Flaw Discovered in MinIO Service Accounts — CVE-2025-62506 MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

Privilege Escalation Flaw Discovered in MinIO Service Accounts — CVE-2025-62506

Do Son October 18, 2025

The developers of MinIO, a popular high-performance, S3-compatible object storage platform, have issued a critical security advisory...

Crimson Collective APT Uses Leaked IAM Keys to Hijack AWS Accounts for Data Theft

Do Son October 9, 2025

Security researchers at Rapid7 have identified a newly emerging cybercriminal group known as Crimson Collective, which has...

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps ShadowV2, DDoS

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps

Do Son September 25, 2025

Researchers at Darktrace have identified a sophisticated new campaign that merges traditional malware techniques with modern DevOps...

Salesforce Breach Through Salesloft Drift Hits Google, Cloudflare, and 750 Firms Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Salesforce Breach Through Salesloft Drift Hits Google, Cloudflare, and 750 Firms

Do Son September 9, 2025

Beginning in July 2025, several high-profile companies reported breaches of their Salesforce CRM (Customer Relationship Management) systems,...

Critical Alert 1 Active Exploit Detected Today