cloud security threats

From The Hacker News – Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code

A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and retrieval, providing support for complex data, high-performance

shaikh Saqib April 4, 2025

Vulnerabilities

From Cybersecurity Help – Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

The campaign could involve over 1,500 compromised systems. Read More

Samir K April 2, 2025

News

From The Hacker News – Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a threat actor Wiz tracks as

shaikh Saqib April 1, 2025

News

From Cyber Security News – SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend nearly $1 billion dollars on ransom each…

shaikh Saqib March 29, 2025

News

From Cyber Security News – Cloud Attacks Raises by Five Times Attacking Sensitive IAM Service Accounts

Organizations are facing an unbelievable surge in cloud-based security threats, with attacks nearly five times more frequent at the end of 2024 compared to the beginning of the year. Most…

shaikh Saqib March 27, 2025

News

From Dark Reading – China’s Silk Typhoon APT Shifts to IT Supply Chain Attacks

The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft. Read More

shaikh Saqib March 6, 2025

News

From Cyber Security News – Microsoft Listed Hackers Abusing Azure OpenAI Service to Generate Malicious Content

Microsoft has initiated legal proceedings against a global cybercrime syndicate accused of developing sophisticated tools to bypass safety protocols in its Azure OpenAI Service. The complaint, filed in the U.S.…

shaikh Saqib March 1, 2025

News

From Cyber Security News – Microsoft SharePoint Connector Vulnerability Let Attackers Steal User’s Credentials

A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate,…

shaikh Saqib February 10, 2025