Last updated: July 5, 2026 at 9:01 AM UTC
Tag: cloud (8 articles)

PCPJack hijacks 230 AWS, Google Cloud, and Azure servers into covert SMTP relay network using Sliver and Chisel, removes TeamPCP

SentinelOne and Hunt.io have detailed PCPJack, a credential-theft framework that hijacks cloud servers across AWS, Google Cloud, and Azure into a covert SMTP relay network - while terminating artifacts of the rival TeamPCP group. Built around a Sliver-integrated SMTP proxy toolkit with Chisel tunneling for multiple Linux architectures, it drops a hidden binary at /var/tmp/.xs and assigns each Sliver beacon a SOCKS5 port derived from an MD5 of its UUID. A deployer script runs an SMTP 'quality gate' probing outbound smtp.gmail.com:587 - hosts that cannot relay email are discarded. A C2-side Python daemon continuously prunes Chisel tunnels for SMTP capability. Around 230 servers were compromised.

Check
Hunt cloud Linux hosts for /var/tmp/.xs, Sliver and Chisel binaries, and outbound SMTP probes to smtp.gmail.com:587. Check for cron or systemd persistence. Apply SentinelOne and Hunt.io IoCs.
Affected
Internet-reachable cloud servers (AWS, Google Cloud, Azure) that attackers can compromise and that have outbound SMTP capability - the criterion PCPJack uses to select hosts for its relay network.
Fix
Block unneeded outbound SMTP (port 587/25) from cloud workloads. Remove Sliver/Chisel artifacts and persistence. Restrict egress, monitor for SOCKS5 tunneling, and rotate credentials on affected hosts.

Autonomous AI tool finds 2-year-old Redis use-after-free RCE CVE-2026-23479 - most cloud Redis runs passwordless, exploit public

Team Xint Code has disclosed CVE-2026-23479, a use-after-free remote code execution flaw in Redis that sat unnoticed in every stable branch from 7.2.0 until the May 5 fixes - over two years. The bug lives in unblockClientOnKey(), which keeps using a client pointer after processCommandAndResetClient() can free it. Exploitation needs an authenticated session, but Wiz's analysis finds Redis in most cloud environments with the majority running passwordless, where the default user already holds every privilege the exploit chain requires. The published exploit leaks a heap pointer via Lua, reclaims a freed client with a fake structure, and overwrites a GOT entry to repoint strcasecmp() at system(). NVD rates it 8.8.

Check
Inventory Redis instances and confirm version is past the May 5 fix. Identify passwordless or internet-reachable deployments. Audit for unexpected Lua EVAL activity and child processes spawned by redis-server.
Affected
Redis 7.2.0 through the May 5 fixes (over two years of stable branches). Exploitation needs an authenticated session, but most cloud Redis runs passwordless with the all-privileged default user.
Fix
Upgrade Redis to the patched release. Require authentication and strong ACLs, bind to localhost or private networks, never expose Redis to the internet. Enable full RELRO when building images.

CISA contractor leaked AWS GovCloud admin keys and dozens of plaintext passwords on public GitHub

A contractor with administrative access at CISA, the US agency that tells everyone else how to do cybersecurity, ran a public GitHub repository called Private-CISA that exposed administrative AWS GovCloud keys, plaintext passwords in CSVs for internal CISA systems, and credentials to the agency's internal artifactory. The owner had even disabled GitHub's default secret-scanning protections. Researcher Philippe Caturegli of Seralys validated that the AWS keys still worked against three high-privilege GovCloud accounts and could have given an attacker a launchpad to deploy backdoors into CISA's internal build pipelines. CISA says it is investigating and has seen no evidence of compromise.

Check
Search your GitHub org for repos named after internal projects, scan public-fork history with TruffleHog or GitGuardian, and verify GitHub push-protection is enabled at the org level.
Affected
Any organization where individual administrators can publish secrets to public GitHub repositories and override the default push-protection settings. CISA itself was the named victim.
Fix
Enforce GitHub Advanced Security push-protection and secret scanning at the org level. Rotate any AWS keys whose hashes appear in public commits. Treat developer GitHub accounts as Tier-0 identities.

Public Amazon S3 bucket leaks 1M+ passports, IDs, and selfies from Japanese hotel check-in platform Tabiq

An Amazon S3 bucket simply named 'tabiq' was left open to anyone who knew the name, exposing over a million passports, driver's licenses, and identity-verification selfies submitted by hotel guests worldwide. The platform, run by Japanese operator Reqrea, handles digital check-in. Researcher Anurag Sen found the bucket and notified TechCrunch and JPCERT; the bucket has since been locked down. Reqrea says the exposed files date from early 2020 through May 2026 and that it does not yet know how the bucket became public. The company is still reviewing access logs to determine whether anyone else accessed the data.

Check
Inventory your S3 buckets for public ACLs or 'AllUsers' policies. If your employees used Tabiq or Reqrea-operated check-in for corporate travel, identify travelers since 2020.
Affected
Hotel guests who checked in through the Reqrea Tabiq platform between early 2020 and May 2026. Exposed data includes passports, driver's licenses, and biometric selfies.
Fix
Enable S3 Block Public Access at the account level. For affected travelers, monitor identity-document fraud alerts and consider passport reissuance for high-risk staff. Watch for phishing referencing real travel history.
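The inventory step above (public ACL grants, 'AllUsers'-style policies, Block Public Access) as an added example, not Reqrea's, TechCrunch's or AWS's code: the functions take the response shapes returned by boto3's get_bucket_acl, get_bucket_policy and get_public_access_block, and the sample documents are constructed to model a world-readable bucket.

```python
import json
# Added example: classify S3 bucket settings that make objects publicly readable.
# Inputs follow the boto3 response shapes named in the lead-in; the handlers and the
# SAMPLE_* documents below are constructed for illustration, not captured from any account.

PUBLIC_GROUP_URIS = {"http://acs.amazonaws.com/groups/global/AllUsers",
                     "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}

def public_acl_grants(acl: dict) -> list:
    """Return (group URI, permission) for each grant to AllUsers or AuthenticatedUsers."""
    return [(g["Grantee"]["URI"], g.get("Permission")) for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("Type") == "Group"
            and g["Grantee"].get("URI") in PUBLIC_GROUP_URIS]

def _wildcard_principal(principal) -> bool:
    if isinstance(principal, dict):          # {"AWS": "*"} or {"AWS": ["*", ...]}
        principal = principal.get("AWS")
    return principal == "*" or (isinstance(principal, list) and "*" in principal)

def public_policy_statements(policy_json: str) -> list:
    """Return Sids of Allow statements open to any principal with no Condition."""
    stmts = json.loads(policy_json).get("Statement", [])
    if isinstance(stmts, dict):              # a policy may carry a single statement object
        stmts = [stmts]
    return [s.get("Sid", "<no Sid>") for s in stmts
            if s.get("Effect") == "Allow"
            and _wildcard_principal(s.get("Principal")) and not s.get("Condition")]

def block_public_access_gaps(config: dict) -> list:
    """Return the Block Public Access settings that are not switched on."""
    wanted = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
    return [k for k in wanted if not config.get(k, False)]

# Constructed sample responses for a bucket left world-readable (not real data).
SAMPLE_ACL = {"Owner": {"ID": "EXAMPLE-OWNER-ID"}, "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-ID"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"}]}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "OrgOnly", "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}}]})
SAMPLE_BPA = {"BlockPublicAcls": True, "IgnorePublicAcls": False,
              "BlockPublicPolicy": False, "RestrictPublicBuckets": True}
```

The conditional OrgOnly statement is deliberately not flagged; a wildcard principal scoped by a Condition is how cross-account access is normally written, so flagging it would bury the real finding.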

Azure Backup for AKS lets low-privileged Backup Contributors gain cluster-admin, Microsoft blocked CVE (VU#284781)

Microsoft has refused to issue a CVE for what an outside researcher and the CERT Coordination Center both describe as a privilege escalation in Azure Backup for Azure Kubernetes Service. The flaw lets a user holding only the low-privileged 'Backup Contributor' Azure role gain cluster-admin on AKS clusters, which Microsoft dismissed by saying the attacker 'already held administrator access.' CERT/CC validated the bug and tracked it as VU#284781. The researcher says Microsoft also tried to get MITRE to reject the submission as 'AI-generated content,' then quietly added new permission checks, suggesting a silent patch even as Microsoft says 'no product changes were made.'

Check
Audit Azure RBAC assignments on subscriptions hosting AKS clusters. Identify any users holding the 'Backup Contributor' role and verify they were intended to hold cluster-admin rights.
Affected
Azure Kubernetes Service clusters with Azure Backup for AKS enabled, where the 'Backup Contributor' role has been assigned. No CVE issued; CERT tracking ID VU#284781.
Fix
Restrict the 'Backup Contributor' role to trusted operators only. No vendor patch acknowledged; rely on least-privilege RBAC until Microsoft confirms a fix. Monitor MSRC for updates.

Docker Engine authorization bypass lets attackers escape containers and access host credentials (CVE-2026-34040)

A high-severity Docker Engine flaw allows attackers to bypass authorization plugins with a single oversized HTTP request. CVE-2026-34040 (CVSS 8.8) stems from an incomplete fix for CVE-2024-41110 from July 2024 - the original patch missed requests over 1MB, which get forwarded to the Docker daemon without their body, so the AuthZ plugin sees nothing to block while the daemon processes the full malicious payload. The result: a privileged container with root access to the host filesystem, exposing AWS credentials, SSH keys, Kubernetes configs, and everything else on the machine. Critically, Cyera researchers demonstrated that AI coding agents running inside Docker sandboxes can be tricked via prompt injection into crafting the bypass request themselves - no human attacker needed.

Check
Check if you use Docker with authorization plugins (OPA, Prisma Cloud, or custom AuthZ policies). If you don't use AuthZ plugins, you're not affected by this specific flaw.
Affected
Docker Engine versions prior to 29.3.1 when running with AuthZ plugins enabled. The underlying flaw has existed since Docker Engine 1.10. Environments running AI agents or developer tools inside Docker containers are at elevated risk.
Fix
Update Docker Engine to version 29.3.1. If you can't patch immediately: avoid AuthZ plugins that rely on request body inspection, restrict Docker API access to trusted parties only, or run Docker in rootless mode so that even a privileged container maps to an unprivileged host UID. For AI agent sandboxes, apply the --userns-remap setting to limit blast radius.
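A fail-closed policy handler for the bypass described above, as an added example (not Docker's, Cyera's, or any vendor's code): it denies a write request whose body is missing whenever the headers say one was sent, and otherwise applies the privileged-container rule that an oversized request would sidestep. It assumes the request headers still reach the plugin when the body does not; the field names follow the documented AuthZ plugin request document, and the sample requests are constructed.

```python
import base64
import json

# Added example: a fail-closed AuthZ decision function. Field names (RequestMethod,
# RequestURI, RequestHeaders, RequestBody) follow the documented plugin protocol; the
# handler, the rule set and the sample requests are constructed for illustration.

def _body(req: dict) -> bytes:
    raw = req.get("RequestBody") or ""       # the daemon base64-encodes the body in JSON
    return base64.b64decode(raw) if raw else b""

def _body_expected(req: dict) -> bool:
    """True when headers say a body was sent (Content-Length > 0 or chunked encoding)."""
    headers = {k.lower(): v for k, v in (req.get("RequestHeaders") or {}).items()}
    if "transfer-encoding" in headers:
        return True
    try:
        return int(headers.get("content-length", "0")) != 0
    except ValueError:
        return True                          # malformed length: assume a body and fail closed

def authz_decision(req: dict) -> dict:
    """Return {"Allow": bool, "Msg": str} for one AuthZReq document."""
    method = req.get("RequestMethod", "")
    uri = req.get("RequestURI", "")
    body = _body(req)
    # Fail closed: a write whose body is absent (for example, an oversized request the daemon
    # forwarded without it) cannot be inspected, so it is denied rather than waved through.
    if method in ("POST", "PUT") and not body and _body_expected(req):
        return {"Allow": False, "Msg": "request body not available for inspection"}

    # The body-inspection rule that the bypass sidesteps: refuse privileged containers.
    if method == "POST" and "/containers/create" in uri and body:
        try:
            spec = json.loads(body)
        except ValueError:
            return {"Allow": False, "Msg": "unparseable request body"}
        if (spec.get("HostConfig") or {}).get("Privileged") is True:
            return {"Allow": False, "Msg": "privileged containers are not permitted"}

    return {"Allow": True, "Msg": ""}

# Constructed sample requests (not captured traffic).
_PRIV = b'{"Image":"alpine","HostConfig":{"Privileged":true}}'
SMALL_PRIVILEGED = {"RequestMethod": "POST", "RequestURI": "/v1.45/containers/create",
                    "RequestHeaders": {"Content-Length": str(len(_PRIV))},
                    "RequestBody": base64.b64encode(_PRIV).decode()}
OVERSIZED_NO_BODY = {"RequestMethod": "POST", "RequestURI": "/v1.45/containers/create",
                     "RequestHeaders": {"Content-Length": str(2 * 1024 * 1024)},
                     "RequestBody": ""}
```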

766+ Next.js hosts breached in automated React2Shell credential theft campaign (CVE-2025-55182)

Cisco Talos uncovered a large-scale automated campaign by threat cluster UAT-10608 that exploits React2Shell - a CVSS 10.0 pre-auth RCE flaw in React Server Components used by Next.js. One crafted HTTP request is all it takes to get code execution, no credentials needed. The attackers scan with Shodan and Censys, breach Next.js apps, then deploy the NEXUS Listener framework to harvest database credentials, SSH keys, AWS tokens, Stripe API keys, Kubernetes secrets, and GitHub tokens at scale. At least 766 hosts across multiple cloud providers were compromised within 24 hours.

Check
Check if you run any Next.js applications using React Server Components, especially internet-facing deployments on AWS, GCP, or Azure.
Affected
React Server Components packages versions 19.0, 19.1.0, 19.1.1, and 19.2.0. Any Next.js application using the App Router with these React versions is vulnerable.
Fix
Update React Server Components to a patched version immediately. Rotate all credentials on any server running a vulnerable Next.js deployment - database passwords, SSH keys, AWS keys, Stripe keys, GitHub tokens. Enforce AWS IMDSv2 to prevent cloud metadata credential theft. Enable secret scanning in your repos. Monitor for outbound connections to NEXUS Listener C2 infrastructure.

European Commission breached through AWS cloud account - 350GB of data reportedly stolen

Hackers broke into the European Commission's Amazon Web Services account and reportedly stole over 350GB of data, including databases and employee information. The breach was discovered on March 24 and affected the cloud infrastructure hosting Europa.eu websites. The Commission says its internal systems weren't impacted. The attacker isn't demanding ransom - they plan to publish the data instead.

Check
Review your organization's AWS account security, especially IAM policies and access keys.
Affected
Any AWS account using static credentials, weak IAM policies, or missing MFA on privileged accounts.
Fix
Enforce MFA on all AWS accounts. Rotate access keys regularly. Audit IAM permissions for least-privilege. Enable CloudTrail for all regions.