The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of the most damaging cloud attacks aren’t exploiting zero-day vulnerabilities. They’re exploiting identity models that were never designed for the scale and automation of modern cloud environments. Nothing about this attack was novel. That’s precisely the problem….
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/12/trufflenet-and-cloud-abuse-at-scale-an-identity-architecture-failure/
