New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys
Google Cloud incorporates key Wiz capabilities into an agentic defense platform to automate threat detection and remediation against AI attacks.
For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped keeping up
Researcher confirms the uploads have stopped, but says xAI's privacy command was not what fixed them
xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files a coding task needed
Malware Harvested Cloud Credentials, Source Code and Deployment TokensAttackers used a compromised npm publishing credential to release five malicious versions of Jscrambler's Code Integrity package, deploying a Rust-based infostealer that harvested developer, cloud and AI tool credentials while evolving its delivery methods to evade detection.
Hitesh Sheth: Cloud, SaaS, Data Center Visibility Boosts Enterprise Risk AssessmentVectra AI CEO Hitesh Sheth says comprehensive network observability provides the most reliable foundation for predictive cybersecurity because it spans cloud, SaaS and on-premises infrastructure while offering telemetry that attackers are far less able to manipulate than endpoint logs.
SaaS Observability Vendor Adds Real-Time Network Flow Telemetry to DNS IntelligenceInfoblox plans to acquire San Francisco-based network observability specialist Kentik to combine DNS, DHCP, asset intelligence and real-time network flow telemetry into a unified platform designed to help enterprises manage increasingly complex hybrid cloud and AI-driven environments.
Also: Oracle Suit Points to AI Revenue Forecasting Risk; the AI Sovereignty PushIn this week's panel, four editors discussed the growing role of artificial intelligence in U.S. federal government cybersecurity, Oracle's investor lawsuit over its projected cloud sales to frontier AI lab OpenAI and what AI sovereignty means for enterprises.
A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data.
As hospital-at-home programs expand and AI adoption accelerates, healthcare organizations face mounting cloud security demands. Anahi Santiago, CISO of ChristianaCare, discusses vendor accountability, identity management, clinical AI risks and the need for stronger cybersecurity foundations.
Agentic AI is redefining security operations by embedding intelligence across detection, investigation and response. Optiv's Ben Spencer and Google Cloud's Wayne Kearns explain how AI-powered SOCs strengthen defense, why human expertise is essential and how MSSPs can accelerate enterprise adoption.
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
Sygnia report details how agentic AI accelerated weeks-long attack to just 72 hours
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.
Researchers warn many AI coding assistants now execute commands from project configurations
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it
The internet did not break this week. It got used exactly as designed, which is worse
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure
Also: Identity as the New Control Plane, Healthcare's AI Governance ChallengeIn this week's panel, four ISMG editors discussed Anthropic's ambitious release of the Mythos and Fable 5 models, how cybersecurity teams are strengthening identity in complex cloud environments and the healthcare industry's efforts to govern artificial intelligence responsibly.