AWS Lambda is a technology platform tracked across 11 threat clusters and 14 intelligence report mentions on ThreatCluster. First observed December 12, 2025; most recent activity July 6, 2026.
The FBI has issued a warning regarding the Kali365 phishing kit, which is actively stealing Microsoft OAuth tokens and bypassing multi-factor authentication (MFA) protocols. First identified in April 2026, Kali365 is…
A report by OX Security has identified a critical vulnerability in the Model Context Protocol (MCP) developed by Anthropic, potentially exposing over 200,000 AI servers to remote code execution. The flaw lies in the…
Researchers at Token Security disclosed a five-stage exploit chain that allowed a free Zapier account to gain write access to both public and internal NPM packages. Each stage of the chain exploited known anti-patterns,…
Multi-agent AI systems are vulnerable to privilege abuse when agents delegate tasks across complex chains. This risk, classified by OWASP as Identity & Privilege Abuse, can lead to agents exceeding their original…
Organizations are facing an evolving security landscape where advanced cyber threats leverage artificial intelligence to exploit vulnerabilities and automate attacks. Traditional security measures are inadequate as…
Zafran has introduced a threat exposure management platform on AWS, emphasizing the need for continuous threat exposure management (CTEM) in vulnerability management. This platform leverages AI-powered approaches and…
On November 28, 2025, a cyberattack on Amazon Web Services (AWS) allowed an attacker to gain full administrative access in just eight minutes. The attack exploited valid test credentials found in public S3 buckets,…
The Open Cybersecurity Schema Framework (OCSF) aims to standardize security logs across various systems, enhancing interoperability and simplifying compliance reporting. Amazon Security Lake has introduced an ETL…
Intruder has launched a new feature called Container Image Scanning, which automatically scans container images for vulnerabilities. This upgrade allows users to gain actionable insights into container risks without the…
A sophisticated cryptocurrency mining campaign targeting AWS customers began on November 2, 2025, using compromised AWS Identity and Access Management (IAM) credentials. The attackers exploited Amazon Elastic Container…