Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident response and intelligence findings from the second half of 2025 and shows how access methods and objectives are changing in cloud and SaaS environments. Third-party software flaws move ahead of credential abuse Unpatched third-party applications … More →
The post Software vulnerabilities push credential abuse aside in cloud intrusions appeared first on Help Net Security.
Gogs Vulnerability Enables Attackers to Silently Overwrite Large File Storage Objects
A critical security flaw has been discovered in a popular open-source, self-hosted Git service, allowing attackers to overwrite Large File Storage (LFS) objects secretly. Tracked
