Novel OAuth Client ID Spoofing Technique Targets Cloud Environments
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud environments
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud environments
LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys
CyCognito research finds that a third of education sector APIs, web apps and cloud assets are exposed to attack
The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit
A growing number of malware operators have turned to cloud-based command and control servers to deploy malicious campaigns, Fortinet researchers found
The research also revealed 69% of enterprises have yet to integrate AI into cloud environments
Wiz Research said the vulnerabilities were discovered in the Linux filesystem, OverlayFS
Researcher finds pro-Ukraine hacktivists are having an impact