cloud security
Exposed training apps are showing up in active cloud attacks
Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left …
Minimal Ubuntu Pro expands Canonical’s cloud security offerings
Canonical has released Minimal Ubuntu Pro images for use on public cloud platforms, aiming to give teams a smaller base image with a narrower software footprint. The solution …
Gen AI data violations more than double
Security teams track activity that moves well beyond traditional SaaS platforms, with employees interacting daily with generative AI tools, personal cloud services, and …
Cloud security is stuck in slow motion
Cloud environments are moving faster than the systems meant to protect them. A new Palo Alto Networks study shows security teams struggling to keep up with development cycles, …
CISOs are spending big and still losing ground
Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between …
cnspec: Open-source, cloud-native security and policy project
cnspec is an open source tool that helps when you are trying to keep a sprawling setup of clouds, containers, APIs and endpoints under control. It checks security and …
Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story
In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, …
SonicWall cloud backup hack was the work of a state actor
Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored …
Google says 2026 will be the year AI supercharges cybercrime
Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged …
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense
Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in …
Attackers target retailers’ gift card systems using cloud-only techniques
A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this …
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain …
Featured news
Resources
Don't miss
- Security work keeps expanding, even with AI in the mix
- Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
- Google disrupts proxy network used by 550+ threat groups
- eScan AV users targeted with malicious updates
- Google agrees to pay $135 million over Android data harvesting claims