cloud security
Threat actors are recruiting the people who hold cloud logins
Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into …
Making the cloud prove it followed your privacy wishes
Companies that store personal data in cloud key-value databases should handle deletion requests by running the operation and confirming the job is complete. The people making …
Companies built AI into core systems before figuring out how to govern it
70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access to core systems, …
Oracle rolls out monthly security patch updates
Oracle is changing how its security fixes are delivered: starting in May 2026, there will be a monthly Critical Security Patch Update. “Each [monthly] CSPU is smaller …
Chaos malware expands from routers to Linux cloud servers
Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the …
Cloud misconfiguration has evolved and your controls haven’t
In this Help Net Security video, Kat Traxler, Principal Security Researcher – Public Cloud at Vectra AI, walks through two AWS misconfigurations that go beyond the …
Cloud-audit: Fast, open-source AWS security scanner
Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners …
AWS Security Hub Extended brings enterprise security under one roof
AWS Security Hub Extended is a plan within Security Hub that simplifies how customers procure, deploy, and integrate a full-stack enterprise security solution across endpoint, …
Microsoft expands Sovereign Cloud security with governance, local productivity and AI
Microsoft expands Microsoft Sovereign Cloud with new disconnected and AI capabilities that help organizations run critical infrastructure, productivity services and large AI …
Cloud teams are hitting maturity walls in governance, security, and AI use
Enterprise cloud programs have reached a point where most foundational services are already in place, and the daily work now centers on governance, security enforcement, and …
Exposed training apps are showing up in active cloud attacks
Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left …
Minimal Ubuntu Pro expands Canonical’s cloud security offerings
Canonical has released Minimal Ubuntu Pro images for use on public cloud platforms, aiming to give teams a smaller base image with a narrower software footprint. The solution …
Featured news
Resources
Don't miss
- Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
- How to use NIST and ISO frameworks to govern AI agents
- The assembly line behind 1.5 million malicious domains
- AI sovereignty makes data centers strategic targets for cyber operations
- CISA orders federal agencies to “patch smarter”