The Ephemeral Illusion: Why the Cloud Sandbox is not a Safe Zone

We have been told that serverless environments are secure because they are temporary. New research on Azure and AWS Lambda proves that attackers are learning how to live in the layer underneath.

The 22-Month Window: How Vercel's Upstream Analytics Bridge Was Compromised

Vercel recently disclosed a major security incident involving Context.ai that began in June 2024. For nearly two years, an unnoticed door into the core of its cloud identity stood open. It is a masterclass in the hidden risks of 'harmless' SaaS analytics.

Researchers Broke Cloud GPU Isolation With a Memory Trick Nobody Can Patch

Three new Rowhammer attacks on Nvidia GPUs let a shared cloud tenant escalate to root on the host. It's a hardware flaw. There's no fix. And nobody's talking.

Hackers Built a SaaS-Style Dashboard to Loot Next.js Apps at Scale

UAT-10608 built an automated framework that exploits a CVSS 10.0 React flaw to compromise Next.js apps, harvest credentials, and display the loot in a searchable dashboard.

ShinyHunters Just Hit the EU. Here's Why They Keep Getting Away With It.

TeamPCP Is Not a Hacker Group Anymore. It's a Cloud Crime Platform.

TeamPCP has graduated from opportunistic attacker to full-spectrum criminal platform -- with blockchain C2 that law enforcement can't seize and a live ransomware affiliate program that costs $250 to join.

The Trivy Domino: How One Poisoned Security Tool Spread to a Thousand Cloud Environments

A poisoned Trivy Docker image grew into one of the year's worst CI/CD compromises. Thousands of pipelines ran the payload, LiteLLM got backdoored on PyPI, and the attackers built a three-part kit designed to hit Kubernetes clusters and stay.

FedRAMP's Trust Gap: When Technical Warnings Lose to Procurement Momentum

Federal cyber experts reportedly called Microsoft's cloud a 'pile of shit' -- and approved it anyway. That's not just a Microsoft story. It's a story about what certification badges actually mean.

Google Swallowed Wiz for $32 Billion. OpenAI Bought an LLM Red-Team Firm. Same Day.

Google closed its $32B Wiz acquisition while OpenAI snapped up Promptfoo, an AI security startup. Two deals, one message: the biggest platforms are making security a built-in feature, not something they outsource.
