Cloud & Enterprise
Cloud and enterprise IT covers identity, access, SaaS, hybrid infrastructure and corporate attack surfaces. The analysis helps readers follow risks, incidents and architectural decisions relevant to complex environments.

Aflac Japan Confirms 4.38 Million Records Breached; U.S. Systems Unaffected
Aflac Life Insurance Japan Ltd. disclosed a ten-day intrusion from June 15–25, 2026, affecting 4.38 million customers and agents and e…

Nissan Payroll Breach via Oracle PeopleSoft Zero-Day CVE-2026-35273
Nissan Americas confirmed a breach exposing employee payroll data and Social Security numbers across four countries through CVE-2026-3…

Mustang Panda Turns Zoho WorkDrive Into Covert C2 Channel Against Indian Government
The Mustang Panda APT group ran two espionage campaigns in June 2026 targeting the Indian government and hydroelectric infrastructure,…

CVE-2026-46817: Oracle EBS Under Attack, 450+ Servers Exposed
Defused detects active exploitation of CVE-2026-46817 on Oracle EBS honeypots. CVSS 9.8, patch available since May, over 450 instances…

Unit 42 Uncovers Universal Bucket Hijacking Across Multiple Clouds
Unit 42/Palo Alto Networks research: globally unique bucket names in Google Cloud, AWS, and Azure allow data-flow hijacking without co…

Klue Supply Chain Compromised, Icarus Hacked, Data in Circulation
The Klue-Salesforce supply chain breach now spans roughly two dozen confirmed victims. The extortion group Icarus, which claimed respo…

Burnyard: Local Malware Analysis Beats Cloud on Speed, But Accuracy Remains Unverified
Ohio State University's Burnyard project challenges VirusTotal and Sophos Intelix with user-space emulation on local hardware, deliver…

Ransomware: Europe Overtakes US as Top Target With 55% Surge in Attacks
Black Kite's first Europe-focused report reveals 684 ransomware attacks in the first four months of 2026, a 55.1% year-over-year incre…

'Snoopy' Sentenced: 18 Months for the Massive DraftKings Hack
Nathan Austad, known as 'Snoopy,' received an 18-month federal prison sentence for orchestrating the November 2022 credential-stuffing…

macOS: Standard Users Disable EDR/MDM Without Admin Rights
A privilege escalation technique on macOS exploits CDHash caching and NIB injection to silently disable enterprise security tools. App…

Bajaj Auto’s Silent Ransomware: What Lies Behind the ‘Successful Mitigation’ Claim
Bajaj Auto disclosed a June 23, 2026 ransomware incident without naming the threat actor, strain, or impact. The case exposes the limi…

Path Traversal in Allegra: CVE-2026-11442 Exposes Arbitrary Files
The ZDI-26-357 vulnerability in Allegra's exportReport method allows an authenticated remote attacker to read arbitrary files via path…