Sensitive data and secrets are leaking. How cloud security leaders can shut them down.
Despite the billions of dollars organizations are investing in cybersecurity, one of the most preventable threats persists: sensitive data and credentials exposed in publicly accessible cloud services. According to the Tenable Cloud Security Risk Report 2025, 9% of public cloud storage resources contain sensitive data — including personally identifiable information (PII), intellectual property (IP), Payment Card Industry (PCI) details, and protected health information (PHI).
Even more concerning, the report shows that over half of organizations using Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions and Google Cloud Platform (GCP) Cloud Run have, knowingly or not, at least one secret embedded in these services.
These exposures are concerning, as they are the kind of exploitable oversights attackers are already scanning for — and weaponizing.
Why this matters to security leadersExposed secrets — like API keys and encryption tokens — can open the door to attackers, enabling lateral movement, data exfiltration or full environment takeover.
This isn’t just a misconfiguration issue. It’s a governance gap, made worse by legacy security tooling and, in some cases, the mistaken perception that native cloud services provide sufficient protection.
What you should be doing nowSecurity leaders must shift from detection to prevention and improve their sensitive data protection by enforcing the following:
Key takeaway: Exposed secrets and sensitive data aren’t obscure edge cases. They’re systemic risks hiding in plain sight — and must be eliminated before attackers exploit them.
Learn moreThe post Secrets in the Open: Cloud Data Exposures That Put Your Business at Risk appeared first on Security Boulevard.
Sensitive data and secrets are leaking. How cloud security leaders can shut them down.
Despite the billions of dollars organizations are investing in cybersecurity, one of the most preventable threats persists: sensitive data and credentials exposed in publicly accessible cloud services. According to the Tenable Cloud Security Risk Report 2025, 9% of public cloud storage resources contain sensitive data — including personally identifiable information (PII), intellectual property (IP), Payment Card Industry (PCI) details, and protected health information (PHI).
Even more concerning, the report shows that over half of organizations using Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions and Google Cloud Platform (GCP) Cloud Run have, knowingly or not, at least one secret embedded in these services.
These exposures are concerning, as they are the kind of exploitable oversights attackers are already scanning for — and weaponizing.
Why this matters to security leadersExposed secrets — like API keys and encryption tokens — can open the door to attackers, enabling lateral movement, data exfiltration or full environment takeover.
This isn’t just a misconfiguration issue. It’s a governance gap, made worse by legacy security tooling and, in some cases, the mistaken perception that native cloud services provide sufficient protection.
What you should be doing nowSecurity leaders must shift from detection to prevention and improve their sensitive data protection by enforcing the following:
Key takeaway: Exposed secrets and sensitive data aren’t obscure edge cases. They’re systemic risks hiding in plain sight — and must be eliminated before attackers exploit them.
Learn moreCybersecurity experts are sounding the alarm about a sophisticated malware campaign that leverages malicious advertisements targeting system administrators through weaponized PuTTY downloads. This emerging threat represents a significant shift in attack vectors, with malicious advertisements now surpassing traditional phishing methods as the primary delivery mechanism for malware infections. The current campaign uncovered by ExpelSecurity specifically […]
The post System Admins Beware! Weaponized Putty Ads in Bing Installs Remote Access Tools appeared first on Cyber Security News.
The RapperBot botnet has resurfaced with unprecedented aggression, targeting network edge devices in a staggering series of over 50,000 attacks. Identified and detailed by researchers at Qianxin XLab, this botnet represents a sophisticated threat to Internet of Things (IoT) ecosystems, exploiting vulnerabilities in devices such as routers, IP cameras, and other connected hardware. New Wave […]
The post RapperBot Botnet Surges with 50,000+ Attacks Targeting Network Edge Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Third-party risk management TPRM is a well-established pillar of enterprise security programs. Its focus is on evaluating vendors for financial health, operational resilience, and compliance. As digital ecosystems expanded, so did the attack surface, and TPRM began evolving. Enter Third-Party Cyber Risk Management (TPCRM): a more security-focused framework that assesses the cybersecurity posture of vendors, such as access controls, threat detection capabilities, and data protection protocols.
The post TPSRM: What It Is — And Why It Matters appeared first on Security Boulevard.
Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable Authentication Modules (PAM) configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15, and allows an unprivileged local attacker – for example, an attacker who logs in via a remote SSH session – to gain the “allow_active” privileges … More →
The post Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) appeared first on Help Net Security.