Cloud
Docker makes Hardened Images Catalog affordable for small businesses
The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. Starting today, container images that have been verified to be free of known vulnerabilities (near-zero CVEs), are available to all users through a subscription and a 30-day free […]
Zeroday Cloud hacking contest offers $4.5 million in bounties
A new hacking competition called Zeroday Cloud, focused on open-source cloud and AI tools, announced a total prize pool of $4.5 million in bug bounties for researchers that submit exploits for various targets. The contest is launched by the research arm of cloud security company Wiz in partnership with Google Cloud, AWS, and Microsoft, and is scheduled for […]
Critical Western Digital My Cloud bug allows remote command injection
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. Tracked as CVE-2025-30247, the flaw is an OS command injection in the user interface of My Cloud and can be leveraged through specially crafted HTTP POST requests sent to […]
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs. The attack breaks the isolation between VMs and the cloud hypervisor, bypassing existing Spectre mitigations and threatening to leak sensitive data by leveraging speculative execution. The […]
Microsoft Word will save your files to the cloud by default
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. The company is currently testing this new feature with the help of Microsoft 365 Insiders in the Beta Channel, who will get it after upgrading to Word for Windows Version 2509 (Build 19221.20000) or later, which was released […]
Microsoft warns of high-severity flaw in hybrid Exchange deployments
Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate their privileges in Exchange Online cloud environments without leaving any traces. Exchange hybrid configurations connect on-premises Exchange servers to Exchange Online (part of Microsoft 365), allowing for seamless integration of email and calendar features between […]
Microsoft increases Zero Day Quest prize pool to $5 million
Microsoft will offer up to $5 million in bounty awards at this year’s Zero Day Quest hacking contest, which the company describes as the “largest hacking event in history.” Last year’s Zero Day Quest has also generated significant participation from the security community, following Microsoft’s offer of $4 million in rewards for vulnerabilities in cloud and AI products […]
Cloudflare: Outage not caused by security incident, data is safe
Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. The issue has been largely mitigated. It started 17:52 UTC yesterday when the Workers KV (Key-Value) system went completely offline, causing widespread service losses across multiple edge computing and AI services. Workers KV is a globally […]
Massive Heroku outage impacts web platforms worldwide
Heroku is suffering a widespread outage that has lasted over six hours, preventing developers from logging into the platform and breaking website functionality. Heroku is a platform-as-a-service (PaaS) owned by Salesforce that allows developers to deploy applications to the cloud without managing infrastructure. The outage began early Tuesday morning, with users reporting that Heroku apps […]
Hacker arrested for breaching 5,000 hosting accounts to mine crypto
The Ukrainian police arrested a 35-year-old hacker who breached 5,000 accounts at an international hosting company and used them to mine cryptocurrency, resulting in $4.5 million in damages. “The suspect illegally gained access to over 5,000 accounts belonging to clients of an international hosting company that provides server rental services for the operation of various websites […]