Cloud
-
SonicWall says unauthorized party accessed cloud firewall backup files
SonicWall said an unauthorized party accessed firewall configuration backup files stored in its cloud for all customers who used the cloud backup service; the files contain encrypted credentials and the company is urging users to check accounts and follow containment and remediation guidance.
-
Crimson Collective targets AWS cloud instances to steal data and extort firms
Researchers at Rapid7 said the Crimson Collective has been exploiting exposed AWS credentials to create privileged IAM users, export database and storage snapshots for exfiltration, and issue extortion demands; AWS recommended using short‑term, least‑privileged credentials and provided remediation guidance.
-
Adobe says Analytics ingestion bug caused some customers’ data to appear in other tenants
Adobe said an ingestion bug in Analytics Edge caused some organisations’ data to appear in other customers’ analytics instances between Sept. 17 and Sept. 18, 2025; Adobe is cleaning impacted datasets and a customer advisory seen by BleepingComputer instructs deletion of affected data and backups.
-
High-severity flaw in Red Hat OpenShift AI could allow full cluster takeover, vendor warns
Red Hat warned that a CVE-2025-10725 flaw in OpenShift AI, scored 9.9 by CVSS, could let a low-privileged authenticated user escalate to cluster administrator, enabling data theft, service disruption and full platform takeover; Red Hat and a Bugzilla report provided mitigation steps and urged urgent patching and investigation.
-
US Air Force investigating ‘privacy-related issue’ after alleged SharePoint notice
The Department of the Air Force is investigating a “privacy-related issue” after an alleged notice said USAF SharePoint permissions exposed PII and PHI and that SharePoint, Teams and Power BI might be blocked; officials have provided limited confirmation and Microsoft declined to comment.
-
Researchers say low-cost DDR4 interposer can bypass Intel and AMD memory protections
Researchers at KU Leuven and the University of Birmingham say a low-cost DDR4 interposer called Battering RAM can redirect physical addresses to bypass Intel SGX and AMD SEV-SNP protections in cloud confidential computing, potentially allowing plaintext reads, data corruption and persistent backdoors.
-
Researchers disclose three now-patched vulnerabilities in Google’s Gemini AI
Researchers disclosed three patched vulnerabilities in Google’s Gemini AI that could have exposed users to privacy risks, affecting Cloud Assist, the Search Personalization model and the Browsing Tool, Tenable said; Google has applied mitigations.
-
Volvo North America confirms employee data exposure after Miljödata ransomware attack
Volvo North America confirmed that attackers accessed employee data after its HR-system provider Miljödata was hit by a ransomware attack, exposing names and Social Security numbers and affecting a wide network of Swedish municipalities and institutions.
-
Senate Democrats flag DOGE program for privacy, cybersecurity risks across three federal agencies
A Senate Democratic report accuses the DOGE program of violating federal law and exposing Americans’ personal data across three agencies, urging immediate safeguards and compliance measures amid warnings of heightened identity theft risk.
-
Security firm flags in-the-wild exploitation of Pandoc flaw CVE-2025-51591 to target AWS IMDS
Security researchers at Wiz have observed in-the-wild exploitation of CVE-2025-51591, a Pandoc flaw that enables SSRF against AWS EC2 IMDS, with attackers attempting to exfiltrate data via crafted iframes. The activity underscores the importance of IMDSv2 and least-privilege IAM roles to mitigate cloud credential exposure.
