-
A critical architectural weakness in Azure’s Private Endpoint deployments could allow both accidental and intentional denial of service (DoS) attacks against cloud resources. The vulnerability stems from how Azure’s Private DNS zone resolut…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to comprom…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels. The flaw, categorized as an authentication bypass vulnerability, poses an immediate risk to organizations that rely on Azure Bastion for secure administrative access to their cloud infrastructure. Attackers Can Escalate Privileges Without User Interaction The […] The post Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Azure successfully defended against a record-breaking distributed denial-of-service (DDoS) attack that peaked at 15.72 terabits per second (Tbps), making it the most significant DDoS attack ever observed in the cloud. On October 24, 2025, Azu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated threat actors. The tool, which is part of the BloodHound suite, was originally created to help security professionals and red teams identify and fix cloud vulnerabilities. However, malicious actors have increasingly […] The post AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance. AzureHound, a penetration testing utility designed for authorized security pro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure. The exposure was id…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly targeting Azure Blob Storage, Microsoft’s flagship object storage solution, to infiltrate organizational repositories and disrupt critical workloads. With its capacity to handle exabytes of unstructured data for AI, high …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Axis Communications, a leading provider of network video and surveillance solutions, has confirmed a critical vulnerability in its Autodesk® Revit® plugin that exposed Azure Storage Account credentials within signed DLLs. Discovered in July 2024 by Tre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
