Cloud
Hackers Abusing Google Cloud For Phishing
Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be...
Bug Bounty
New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites
HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as...
Cloud
Cloud-Based Malware Attack Abusing Google Drive & Dropbox
A phishing email with a malicious zip attachment initiates the attack. The zip contains a single executable disguised as an Excel file using Left-To-Right...
Cloud
Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack
Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw.
Many big cloud providers use...
Cloud
New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers
Researchers have identified a new form of cyberattack termed "LLMjacking," which exploits stolen cloud credentials to hijack cloud-hosted large language models (LLMs).
This sophisticated attack...
Cloud
Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy
Kubernetes (K8s) is an open-source container orchestration platform designed to automate application container deployment, scaling, and running.
Containers are isolated software packages that are lightweight...
Cloud
Ahoi Attacks – New Attack Breaking VMs With Malicious Interrupts
Ahoy, which is often associated with communicating to ships, has now been playfully adopted in pirate language.
We coin 'Ahoi,' an anagram of 'Iago,'...
Cloud
DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams
DarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target...