// #cloud-security
6 articles
AI Agents Can Autonomously Compromise Cloud Infrastructure With Minimal Human Oversight, Research Finds
New academic research demonstrates that AI agents equipped with common cloud security tools can autonomously identify, chain, and exploit misconfigurations in production-like cloud environments — achieving lateral movement, privilege escalation, and data exfiltration in multi-step attack sequences without human guidance. The findings have direct implications for red team methodologies, cloud security posture management, and the adversarial use of AI-assisted attack tooling.
Azure Arc Windows Agent CVE-2026-26117 Lets Low-Privilege Users Escalate to SYSTEM and Seize Cloud-Managed Identity
CVE-2026-26117, a local privilege escalation flaw in the Azure Arc Connected Machine Agent for Windows, allows any domain user on a managed host to escalate to SYSTEM and inherit the host's Azure managed identity — granting access to all Azure resources the machine identity can reach. Microsoft rated the flaw CVSS 7.8; patch immediately given Arc's growing enterprise footprint.
Azure IoT Central Privilege Escalation via Sensitive Data Exposure — CVSS 9.9
A CVSS 9.9 privilege escalation vulnerability in Azure IoT Central exposes sensitive platform data allowing authenticated low-privilege attackers to gain administrative control. April 2026 Patch Tuesday addressed the flaw — audit IoT Central role assignments and rotate provisioning credentials now.
Microsoft Entra ID Entitlement Management SSRF (CVE-2026-35431, CVSS 10.0) — Cloud IAM Attack Surface Disclosed Before Silent Server-Side Fix
A perfect-score SSRF vulnerability in Microsoft Entra ID Entitlement Management allowed unauthenticated network-accessible exploitation of Microsoft's cloud identity governance platform. Microsoft patched it server-side with no customer action required, but the disclosure surfaces a structural question enterprise security teams need to answer: how do you monitor for exploitation of a vulnerability in infrastructure you don't control?
McGraw Hill Confirms 13.5 Million Account Breach After ShinyHunters Exploits Salesforce Misconfiguration
Education publisher McGraw Hill has confirmed a data breach affecting 13.5 million accounts after the ShinyHunters cybercriminal group threatened to publish 45 million Salesforce records. The breach stemmed from a misconfiguration within Salesforce's environment — one McGraw Hill acknowledges is part of a broader issue affecting multiple organisations. Over 100GB of data has been publicly released.
ShinyHunters Breach Anodot SaaS Integrator, Steal Snowflake Customer Data via Harvested Tokens
The ShinyHunters threat group breached Anodot, an AI analytics platform used to integrate with Snowflake cloud data warehouses, and stole authentication tokens that enabled downstream data theft from over a dozen Snowflake customer environments. The attack is a textbook fourth-party risk incident: the direct target was not the victim organisations' systems but a trusted third-party integration layer.
Commentary tagged #cloud-security
Hypervisor Escapes Should Change How Enterprise Architects Design Isolation — They Rarely Do
VMware ESXi cross-tenant code execution at Pwn2Own Berlin 2026 demonstrates again that virtualisation is not a security boundary. Yet enterprise architecture continues to treat hypervisor isolation as equivalent to physical isolation. The security implication of this assumption has been known for years and consistently under-acted upon.
CipherWatch Editorial
Security Intelligence Platform
Defenders Can't Block Google. That's Why Attackers Are Routing Through It.
AccountDumpling abuses Google AppSheet to deliver phishing. EtherRAT uses Cloudflare and Ethereum nodes for C2. DEEP#DOOR tunnels over Cloudflare. The pattern is consistent: sophisticated attackers have discovered that the fastest route past enterprise security controls is through infrastructure defenders cannot block. The defence posture that assumes blocking bad infrastructure will stop bad traffic is being systematically rendered obsolete.
CipherWatch Editorial
Security Intelligence Platform
Managed Identity Is the New Local Admin — and Most Enterprises Haven't Noticed
CVE-2026-26117 in the Azure Arc agent is not just a patching story. It reveals that managed identity has quietly become the most powerful unguarded credential in enterprise infrastructure. We dismantled local admin accounts and hardcoded passwords over the past decade — and then rebuilt the same concentration of privilege under a different name, with even less monitoring attached.
CipherWatch Editorial
Security Intelligence Platform
The Shared Responsibility Model Is a Liability Shield, Not a Security Framework
McGraw Hill's statement that its Salesforce breach 'appears to be part of a broader issue involving a misconfiguration within Salesforce's environment' exposes what the shared responsibility model actually is: a contractual arrangement that tells you who to blame after a breach, not a security control that prevents one.
CipherWatch Editorial
Security Intelligence Platform