Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
UnOAuthorized: Privilege Elevation Through Microsoft Applications
Escalating Privileges in Google Cloud via Open Groups
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
Exploiting Broken Authentication Control In GraphQL
NO_WILDCARD: How I discovered the Organization ID of any AWS Account
Exploiting GCP Cloud Build for Privilege Escalation
Capturing Exposed AWS Keys During Dynamic Web Application Tests
SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts
Unveiling TE.0 HTTP Request Smuggling: Discovering a Critical Vulnerability in Thousands of Google Cloud Websites
These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action Required)
Non-Production Endpoints as an Attack Surface in AWS
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
Arbitrary 1-click Azure tenant takeover via MS application
So I Became A Node: Exploiting Bootstrap Tokens In Azure Kubernetes Service
Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover (CVE-2024-28056)
Wiz Research finds architecture risks that may compromise AI-as-a-Service providers and consequently risk customer data; works with Hugging Face on mitigations
FlowFixation: AWS Apache Airflow Service Takeover Vulnerability and Why Neglecting Guardrails Puts Major CSPs at Risk
OpenStack Admin Account Takeover due to Unsafe Environment Handling in MuranoPL
Conditional Love for AWS Metadata Enumeration
Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
Entra ID Connect Arbitrary Password Overwrite
Unauthenticated Access to GCP Dataproc Can Lead to Data Leak