Cloud | Sec | Labs - Securing our World

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

Jun 29, 2026 Author Comment

The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into

News Feed

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

Jun 29, 2026 Author Comment

https://ift.tt/hcJL1I6 week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly

News Feed

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

Jun 29, 2026 Author Comment

A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine

News Feed

What the post-quantum executive order really demands of CISOs

Jun 29, 2026 Author Comment

Post-quantum cryptography didn’t sneak up on the industry. For years, security teams, standards bodies, hyperscalers, and governments have been pointing at the same horizon: a

News Feed

ATF cancels controversial commercial geolocation contract

Jun 26, 2026 Author Comment

The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) canceled a contract with Penlink that used ad-surveillance technologies to track the location of Americans. The

News Feed

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Jun 26, 2026 Author Comment

https://ift.tt/NvzUHFS high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer

News Feed

What the post-quantum executive order really demands of CISOs

Jun 29, 2026 AuthorComment

Post-quantum cryptography didn’t sneak up on the industry. For years, security teams, standards bodies, hyperscalers,

News Feed

ATF cancels controversial commercial geolocation contract

Jun 26, 2026 AuthorComment

The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) canceled a contract with Penlink that

News Feed

Guardian Agents: The Next Layer of Identity Governance

Jun 26, 2026 AuthorComment

https://ift.tt/0q1E8kF agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at

News Feed

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

Jun 25, 2026 AuthorComment

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO1f6pZmhVaPQd2FjrrAG-IbL0vMk7zHVZ6BqjzkzJS8qd7HlAtIJ-7chRUbqR7tZHPNqdZFbm0QL9O03mkW7YsOh0pVwW1_ogikaoxNX8dFd5-ZB4SwB7-tfpWmp9Hr22DJL6tzZgTdeFnCU4VwaZXSY_htGs2_xlaB8n0EOedrfe7wHuI30GXTF6Pofc/s1600/threatsday-june.jpgIt’s dumb out there again. This week has the usual smell of prod on fire

Cloud | Sec | Labs

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

What the post-quantum executive order really demands of CISOs

ATF cancels controversial commercial geolocation contract

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

What the post-quantum executive order really demands of CISOs

ATF cancels controversial commercial geolocation contract

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Unlock Seamless Travel: Bypass Captive Portals & Device Limits with GL.iNet Routers

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

What the post-quantum executive order really demands of CISOs

ATF cancels controversial commercial geolocation contract

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Guardian Agents: The Next Layer of Identity Governance

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

What the post-quantum executive order really demands of CISOs

ATF cancels controversial commercial geolocation contract

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs