Tag: cloud
-
Major Scam Network Triad Nexus Adapts Operations to Avoid U.S. Scrutiny
After the U.S. Treasury last year sanctioned the Funnull CDN it used, the Triad Nexus scam network changed up its operations and began using major cloud services providers, creating front companies, and shifting away from targeting U.S. victims to focus instead on those in Asia, according to Silent Push researchers. First seen on securityboulevard.com Jump…
-
The Future of Modern Observability
Bridging Observability Gaps With AI, OTel and Scalable Data Models As AI-driven development and cloud adoption accelerate system complexity, traditional observability tools are struggling to keep pace. This analysis outlines four foundational pillars to close visibility gaps and enable faster, AI-powered root cause analysis. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/future-modern-observability-p-4093
-
Omnistealer uses the blockchain to steal everything it can
This malware is coming for your password managers, saved logins, cloud storage, crypto wallets, and just about anything else it can reach. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/omnistealer-uses-the-blockchain-to-steal-everything-it-can/
-
SANS Institute Strategy Briefing: Response to the Capabilities of Anthropic's Claude Mythos
The SANS Institute and the Cloud Security Alliance (CSA), together with [un]prompted and the OWASP GenAI Security Project, are publishing the report "The AI Vulnerability Storm: Building a Mythos-Ready Security Program". This free strategy briefing gives CISOs and security leaders an actionable framework for responding to the ever-accelerating pace of the discovery and exploitation of…
-
Kubernetes Is Eating Production: Why Usage Keeps Climbing Into 2026
Kubernetes isn’t just up in 2026; it’s becoming the default foundation for production software and AI. The latest CNCF Annual Cloud Native Survey shows that Kubernetes is now the backbone of production infrastructure, with 82% of container users running Kubernetes in production and 94% either running, piloting, or evaluating it. At this point,…
-
First Private Network for AI Agents
Previous network models were designed primarily for humans. With Cloudflare Mesh, Cloudflare is now introducing the first private networking solution developed specifically for the rapid rise of AI agents. The SASE platform uses the global Cloudflare network to seamlessly connect people, cloud environments and AI agents. With the solution, users can now solve the following challenges in private networks: Private…
-
China-linked cloud credential heist runs on typos and SMTP
Typosquatting for cloud-native espionage: The campaign relies heavily on deception, the researchers pointed out, using C2 domains closely resembling legitimate Alibaba Cloud services. The typosquatting approach allows malicious traffic to blend into routine cloud operations, specifically in environments where outbound filtering is absent. The implant used is an obfuscated ELF binary, with an executable designed for…
-
Q1 2026 Open Source Malware Index: Adaptive Attacks, Familiar Weaknesses
Tags: access, ai, api, attack, automation, cloud, credentials, crypto, data, github, guide, intelligence, kubernetes, linux, macOS, malicious, malware, open-source, pypi, risk, software, supply-chain, tactics, theft, tool, update, windows, worm
TL;DR Sonatype identified 21,764 open source malware packages in Q1 2026, bringing the total logged since 2017 to 1,346,867. npm accounted for 75% of malicious packages this quarter. Trojans dominated, with most activity focused on credential theft, host reconnaissance, and staged payload delivery. The quarter’s defining pattern was trust abuse: attackers succeeded by…
-
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross-platform malware chain that ends with the PHANTOMPULSE remote access trojan. Attackers pose as a venture capital firm targeting financial and cryptocurrency professionals, first engaging over LinkedIn and then moving conversations to Telegram group chats with multiple fake “partners” to…
-
The Eighth Nutanix Study with the Enterprise Cloud Index – AI Loves Containers, Creates Shadow IT and Organizational Silos
First seen on security-insider.de Jump to article: www.security-insider.de/ki-liebt-container-erzeugt-schatten-it-und-organisatorische-silos-a-9a52a772733fc6815a5fdf9cd31ef61b/
-
Cloudflare Expands Infrastructure for the Era of Autonomous AI Agents
The next step for AI: By expanding its Agent Cloud, Cloudflare makes clear where things are headed: away from static applications and toward dynamic, autonomously acting systems. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-baut-infrastruktur-fuer-die-aera-autonomer-ki-agenten-aus/a44617/
-
APT41 Targets Linux Cloud Servers With New Winnti Backdoor
A previously undocumented Linux backdoor attributed to China-linked threat group APT41 (Winnti) has been uncovered, targeting cloud workloads across AWS, GCP, Azure, and Alibaba Cloud. The ELF-based implant, currently showing zero detections on VirusTotal, transforms Linux servers into stealthy credential theft nodes using a novel SMTP-based command-and-control (C2) mechanism. The discovery indicates a new phase in APT41’s Linux and cloud-targeted…
-
29 million leaked secrets in 2025: Why AI agents credentials are out of control
AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/14/gitguardian-ai-agents-credentials-leak/
-
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Security experts warn of an AI vulnerability storm triggered by the introduction of Anthropic’s Claude Mythos in a new paper from the Cloud Security Alliance (CSA). First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/csa-cisos-prepare-post-mythos-exploit-storm
-
How capable is Agentic AI in handling complex cloud deployments?
What Makes Non-Human Identities Crucial in a Complex Cloud Environment? One might wonder how organizations can secure their digital assets effectively. The answer lies in a robust Non-Human Identity (NHI) management system. NHIs serve as a cornerstone in safeguarding cloud infrastructure by addressing vulnerabilities that often arise due to the disconnect between security and R&D…
-
How to proactively secure NHIs in your organization?
Are Non-Human Identities the Weak Link in Your Security Infrastructure? Where digital transformation impacts every sector, the management of Non-Human Identities (NHIs) represents a burgeoning area of concern for cybersecurity professionals. Organizations are increasingly relying on machine identities due to the rise of cloud computing and automated services; however, the complexity of these systems often…
-
Microsegmentation Is Creating More Policy Than Teams Can Manage. AI Won’t Fix It.
Microsegmentation has become a cornerstone of modern security. It promises granular control, reduced lateral movement, and a practical path to Zero Trust. And as organizations expand across hybrid, cloud, and… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/microsegmentation-is-creating-more-policy-than-teams-can-manage-ai-wont-fix-it/
-
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/apt41-zero-detection-backdoor-harvest-cloud-credentials
-
Hackers claim breach of Rockstar Games via cloud analytics platform
The ShinyHunters cybercrime group has claimed responsibility for breaching systems linked to video game developer Rockstar Games, threatening to release stolen data if a ransom is not paid. First seen on therecord.media Jump to article: therecord.media/rockstar-hackers-cyberattack-cloud
-
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
Tags: access, advisory, ai, api, attack, authentication, breach, cloud, credentials, cve, data-breach, exploit, firewall, flaw, Internet, open-source, rce, remote-code-execution, software, theft, tool, update, vulnerability
Credentials stolen in under three minutes: To track real-world exploitation, deployed honeypot servers running vulnerable Marimo instances across multiple cloud providers and observed the first exploitation attempt within 9 hours and 41 minutes of disclosure. No ready-made exploit tool existed at the time. The attacker had built one using only the advisory description, Sysdig researchers…
-
What Types of Identity-Based Attacks Are There and How Can Identity Be Protected?
Identities have become the connective link of modern enterprises. As companies increasingly rely on SaaS, cloud infrastructure, remote work and federated identities, attackers are focusing more and more on identities, since control over them often enables seemingly legitimate access to systems and data. An interview with Jared Atkinson, CTO at Specterops, on identity-based attacks. Netzpalaver: What types […]…
-
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution (RCE) and full cloud infrastructure compromise. Tracked as CVE-2026-40175, this flaw carries a critical CVSS 3.1 score of 9.9 and allows attackers to bypass AWS IMDSv2 security controls to exfiltrate sensitive…
-
Resilience for Cloud Regions – Digital Sovereignty for Backups and Contingency Plans Too
First seen on security-insider.de Jump to article: www.security-insider.de/digitale-souveraenitaet-auch-fuer-backups-und-notfallplaene-a-f94074dc884c0c97444fc906f555deb0/
-
Data Theft Hits Snowflake Users
The reported incidents affecting Snowflake customers illustrate a recurring pattern in modern cloud security: the exploitation of trusted integrations and authenticated access rather than vulnerabilities in the core infrastructure. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/datendiebstahl-trifft-snowflake-nutzer
-
The Vuln Surge is Coming. CSA is Telling Us How to Survive It
The Cloud Security Alliance’s MythosReady report offers a calm, rational roadmap for navigating the AI-driven vulnerability surge. But two critical questions about exploit automation and the painful transition ahead deserve more attention. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-vuln-surge-is-coming-csa-is-telling-us-how-to-survive-it/
-
What are the best practices for managing NHIs securely?
Why is NHI Management Crucial for Cloud Security? How can organizations protect machine identities effectively? Non-Human Identities (NHIs) have become integral to cybersecurity strategies. These machine identities play a significant role, especially in environments where cloud security is paramount. With sectors like financial services, healthcare, and DevOps relying heavily on the cloud, the importance of…

