
Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds
Researchers warn many AI coding assistants now execute commands from project configurations
theregister
CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms | Microsoft Security Blog
Discover how Microsoft aligns with the next phase of CNAPP—helping organizations correlate signals, prioritize risk, and reduce cloud exposure across modern application environments.
Microsoft Security Blog
🤖 OpenAI rolls out AI-led push to fix open-source sof...
📝 OpenAI has laun...
https://www.csoonline.com/article/4188321/openai-rolls-out-ai-led-push-to-fix-open-source-software-flaws.html
📰 OpenAI rolls out AI-led push to fix open-source software flaws | CSO Online
#AI #CloudSec #ZeroDay

OpenAI rolls out AI-led push to fix open-source software flaws
‘Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure projects.
CSO Online
Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors
Makers of Chrome, Edge, Firefox back bot-fraud defense called Private Access Control Tokens
theregister
🤖 AWS Continuum offers devs help with securing code
📝 AI coding agents are making it easier than ever to pr...
https://www.csoonline.com/article/4187917/aws-continuum-offers-devs-help-with-securing-code-2.html
📰 AWS Continuum offers devs help with securing code | CSO Online
#AI #CloudSec

AWS Continuum offers devs help with securing code
Continuum is a new service intended to help developers and security teams secure their own code and that of others too, with a goal of automating remediation.
CSO Online
CVE-2026-32174: HIGH severity improper authentication in Microsoft Azure AI Bot Service (CVSS 7.7). Privilege escalation possible for authorized users. Microsoft has issued a server-side fix. No active exploits. Details:
https://radar.offseq.com/threat/cve-2026-32174-cwe-287-improper-authentication-in--3888a626d33fd2e5 #OffSeq #Azure #Vuln #CloudSec
Google told researcher 'Nice catch!' Then denied bug bounty for flaw it still hasn't fixed
EXCLUSIVE 'Working as intended' for the win … again
theregister
🤖 Google’s Vertex AI SDK could allow RCE through buc...
📝 A design flaw i...
https://www.csoonline.com/article/4186193/googles-vertex-ai-sdk-could-allow-rce-through-bucket-squatting.html
📰 Google’s Vertex AI SDK could allow RCE through bucket squatting | CSO Online
#AI #CloudSec #ZeroDay

Google’s Vertex AI SDK could allow RCE through bucket squatting
Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and trigger remote code execution across tenants.
CSO Online
☁️ Three critical Fortinet sandbox bugs splattered by unknown attackers
📝 Three critical flaws in Fortinet’s...
https://www.theregister.com/security/2026/06/16/three-critical-fortinet-sandbox-bugs-splattered-by-unknown-attackers/5256461
📰 www.theregister.com - Articles
#CloudSec #InfoSec

Three critical Fortinet sandbox bugs splattered by unknown attackers
All have patches, so make sure you upgrade to a fixed version
theregister
🏛️ Sovereign cloud won’t fix your AI risk. Identity governan...
📝 Your auditors w...
https://www.csoonline.com/article/4184634/sovereign-cloud-wont-fix-your-ai-risk-identity-governance-will.html
📰 Sovereign cloud won’t fix your AI risk. Identity governance will | CSO Online
#AI #CloudSec

Sovereign cloud won’t fix your AI risk. Identity governance will
What European CISOs learned from sovereign cloud — and how US security leaders can avoid the same AI strategy mistakes.
CSO Online