Threat Post

Firms Push for CVE-Like Cloud Bug System

Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk. Big gaps exist in the 22-year-old Common Vulnerability and Exposures (CVE) system that do not ...
Threat Post

Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers

The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another. A high-severity security ...
Dark Reading

Oracle Fixes Critical Bug in Cloud Code Editor

Cloud integrations promise easier access to tools, shared sessions, and unified workflows. But as a newly discovered vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor shows, they can also ...
Dark Reading

Most Google Cloud Attacks Start With Bug Exploitation

Exploitation of user-managed cloud software has overtaken credential abuse as the method by which most attackers gain initial access to cloud resources. In its semi-annual "Cloud Threat Horizons ...
Bleeping Computer

Hackers exploit Looney Tunables Linux bug, steal cloud creds

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to ...
Infosecurity-magazine.com

Critical Fluent Bit Bug Impacts All Major Cloud Platforms

Security researchers have warned of another critical software supply chain vulnerability – this time affecting a popular logging utility with 13 billion downloads. Tenable claimed that a memory ...
Computer Weekly

Google Cloud seals bug that could have led to data breaches

Google Cloud has fixed a potentially dangerous application programming interface (API) vulnerability in its platform that, had it been exploited by malicious actors, could have led to widespread data ...