News

Cloud SEK
cloudsek. com > ar > knowledge-base > prevent-supply-chain-attacks

15 Best Practices to Prevent Supply Chain Attacks in 2026

4+ hour, 42+ min ago  (866+ words) Reliance on cloud platforms, APIs, and open-source dependencies has significantly expanded the attack surface. Continuous validation of vendors, software integrity, and trust relationships play a critical role in reducing exposure across interconnected systems. Supply chain attacks work through a staged…...

Cloud SEK
cloudsek. com > knowledge-base > data-leak-detection

What Is Data Leak Detection? How It Works and Why It Matters

9+ hour, 48+ min ago  (1081+ words) A data leak is when sensitive information becomes exposed due to weak security settings, human mistakes, or system gaps. Private data ends up accessible to people who were never meant to have access. Such situations often go unnoticed since no…...

Cloud SEK
cloudsek. com > ar > blog > inside-the-fortibleed-open-directory-a-technical-analysis-of-what-the-attacker-left-behind

Inside the Forti Bleed Open Directory: A Technical Analysis of What the Attacker Left Behind

1+ week, 5+ day ago  (763+ words) Cloud SEK's threat intelligence team is tracking Forti Bleed, an active, large-scale credential-compromise campaign targeting internet-facing Fortinet Forti Gate firewalls and SSL VPN gateways worldwide. Despite the name, Forti Bleed is not a software vulnerability and is not linked to…...

Symbols: cwe-24,cwe-78
Cloud SEK
cloudsek. com > blog > operation-escaneo-mexican-government-financial-institutions-cyberattack

Operation Escaneo: Infrastructure Exposure, TTP Analysis, and Attribution Assessment of an Advanced Intrusion Campaign Against Mexican Federal Agencies and Financial Institutions

2+ week, 1+ day ago  (474+ words) Known/Claimed Attacks by Pancho Villa 2. "Chilango Leaks" " Mexico City Government (CDMX) " April 2024 Mexican Mafia released 20 GB of what they called "Chilango Leaks," which included approximately 2. 1 million private emails from over 2, 000 CDMX public servant accounts across agencies ranging from the Secretar'a…...

Symbols: jiatf-cc
Cloud SEK
cloudsek. com > ar > ancmt > cloudsek-and-incloud-partner-to-expand-ai-native-cyber-intelligence-in-brazil

Cloud SEK and In Cloud Partner to Expand AI-Native Cyber Intelligence in Brazil

2+ week, 1+ day ago  (447+ words) S'o Paulo " Cloud SEK, an AI-native predictive cyber intelligence platform, has announced a strategic partnership with In Cloud, a Brazilian managed security services provider, to expand access to predictive threat intelligence and digital risk protection across Brazil. Cloud SEK helps…...

Symbols: btc-usd,nasdaq:chkp
Google News
cloudsek. com > knowledge-base > uae-cybersecurity-compliance-explained-key-laws-rules-and-business-requirements

UAE Cybersecurity Compliance Explained: Key Laws, Rules and Business Requirements

2+ week, 1+ day ago  (1547+ words) For UAE financial institutions, the compliance clock is now ticking. This is not a routine paperwork exercise. It is a direct response to the growing use of fake domains, phishing pages, fraudulent ads, social media impersonation, malicious apps and brand…...

Cloud SEK
cloudsek. com > knowledge-base > from-alerts-to-attack-paths

From Alerts to Attack Paths: Why Correlation Beats Alert Volume

2+ week, 3+ day ago  (981+ words) Alert correlation links related security alerts into a single attack path, the route an attacker takes from entry to target. Correlation beats cutting alert volume because it surfaces the few real attacks hidden inside thousands of disconnected alerts. The cost…...

Symbols: btc-usd
Cloud SEK
cloudsek. com > ar > knowledge-base > ai-threat-intelligence

AI Threat Intelligence: What It Is, How It Works, and Why It Matters

4+ week, 1+ day ago  (799+ words) This guide explains what AI threat intelligence is, how it works, what it detects, and how security teams can implement it effectively. AI threat intelligence is a cybersecurity approach that uses artificial intelligence, machine learning, and automated analysis to identify,…...

Symbols: d05.S0,u11.S0,z74.S0,m03.S0,blz.si,575.S0
Google News
cloudsek. com > ar > blog > aivigil-mcp-security-case-study

How an Unauthenticated MCP Server Led to SSRF, LFI, and AWS Credential Theft

4+ week, 1+ day ago  (844+ words) Background: MCP and the Expanding AI Attack Surface Google Threat Intelligence Group (GTIG) confirmed in early 2026 that adversaries, including nation-state actors from China, Iran, and North Korea, have operationalized LLMs and MCP infrastructure as force multipliers for reconnaissance, initial access,…...

Symbols: nyse:s
Cloud SEK
cloudsek. com > blog > inside-a-tor-backed-supply-chain-worm

Inside a Tor Backed Supply Chain Worm

1+ mon, 2+ week ago  (976+ words) The decoy was well constructed. The ##lib/## directory contains a functional implementation of SHA-256, HMAC, PBKDF2, AES-CBC, and Base64, a near verbatim copy of the legitimate ##crypto-js## source. ##index. js## exports all of these correctly. Between 14: 39 and 21: 21 UTC on 11 May 2026, the actor…...

Symbols: index.js