CSO Online

Fluent Bit vulnerabilities could enable full cloud takeover

Flaws in Fluent Bit could let attackers inject fake logs, reroute telemetry, and execute arbitrary code across cloud ...
SecurityWeek

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.

Years-old bugs in open source tool left every major cloud open to disruption

It's been around for 14 years, and at least one of the newly disclosed bugs, a path-traversal flaw now tracked as CVE 2025-12972, has left cloud environments vulnerable for more than 8 years, ...
CSO Online

Ransomware gangs seize a new hostage: your AWS S3 buckets

Researchers warn that attackers are moving beyond on-prem systems and now using AWS’s own encryption and key management ...