Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.

Google's latest threat report warns that third-party tools are now prime targets for attackers - and businesses have only days to secure them.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.