Hacker NewsJun 17

Most of the CVE-2026-4020 attackers are the same client

https://honeylabs.net/blog/the-cloud-fleet-behind-cve-2026-4020

#HackerNews #CVE20264020 #cybersecurity #cloudfleet #attackers #analysis

Most of the CVE-2026-4020 attackers are the same client | HoneyLabs blog

Almost every IP we logged exploiting the Gravity SMTP credential bug shares one HTTP fingerprint. Behind it is a Google Cloud fleet of thousands of short-lived instances, disguised by 3,299 rotating user-agents, sweeping more than 36,000 ports for .env files, git configs, credentials, and database dumps.

HoneyLabs
KnutOct 19, 2025
Managing #k8s is normally not fun. After discovering #cloudfleet (https://cloudfleet.ai/) that has changed. Their magic takes away the stressful parts and let us focus on the fun stuff
Next generation multi-cloud Kubernetes

From datacenter to cloud to edge, Cloudfleet delivers the Kubernetes experience as it was meant to be. Fully managed control plane, just-in-time infrastructure, automated upgrades, all seamlessly controlled through a single pane of glass for your clusters.

Cloudfleet