- Cloud Security Newsletter
- Authors
- Ashish Rajan
🚨Zero Day Exploit Windows Shrink to Hours: Is Your Security Stack Built for an AI Accelerated Threat Landscape?
This week Google's closes $32B acquisition of Wiz to reshape cloud security, and Google also patches two in the wild Chrome zero days added to CISA KEV; LeakNet ransomware pivots to ClickFix and Deno in memory loaders to evade detection. Plus: Ashish Rajan & Caleb Sima on why the vendor consolidation era is arriving, why AI agent security remains an open book, and why the window from vulnerability to exploitation now closes in under two days.
🚨 Google Closes $32B Wiz Deal: Why the Browser Is Now Your Biggest Security Blind Spot
This week Google's landmark $32B acquisition of Wiz reshapes cloud security, while a new coalition of identity-focused threat actors Scattered Lapsis Hunters continues to dominate enterprise breaches through browser-native attacks. Push Security co-founder Adam Bateman explains why your IDP is not a firewall, how phishing has moved far beyond the inbox, and why the browser is now the most under-protected attack surface in the enterprise. Keywords: browser security, identity attacks, cloud security M&A, supply chain risk, SaaS phishing, consent phishing, Click Fix.
🚨 The 29-Minute SOC: Why AI-Accelerated Attacks Are Forcing Security Teams to Rethink Response
CrowdStrike’s 2026 report reveals attackers breaking out in minutes while espionage groups hide command-and-control traffic inside cloud APIs. This week’s Cloud Security Brief examines what this means for enterprise SOC architecture and why AI-assisted investigations are becoming unavoidable.
🚨 AI Agents Are Now the Attack Surface & Building an AI Security Blueprint Before It's Too Late
This week's brief covers the Cline npm supply chain attack weaponising prompt injection against CI/CD pipelines, BeyondTrust CVE-2026-1731 now confirmed in active ransomware campaigns across 11,000+ exposed instances. Alongside the Cisco State of AI Security 2026 report and Microsoft's new Security Dashboard for AI, TrendAI's Shannon Murphy outlines a pragmatic AI security blueprint centred on data governance, agent identity, and cross-functional ownership for organisations at every stage of AI adoption. Key themes: agentic AI security, AI asset inventory, DSPM, supply chain risk, and enterprise AI governance frameworks.
🚨 OpenClaw AI Agents Are Now Infostealer Targets: Using OpenSource for Securing the Cloud-AI Stack!
This week: infostealers begin targeting AI agent credentials (OpenClaw), Palo Alto acquires Koi Security to define Agentic Endpoint Security, and Microsoft 365 Copilot's DLP bypass exposes critical governance gaps. Toni de la Fuente, creator of Prowler, joins Ashish Rajan to unpack the shared responsibility gap in AI workloads, MCP architecture risks, and how open-source security tooling must evolve to meet the cloud-AI convergence challenge.
🚨 60K Cloud Servers Compromised + The AI Governance Illusion
This week: Critical vulnerabilities under active exploitation, cloud-native worm TeamPCP compromises 60K+ servers across AWS/Azure/GCP, and AI security adoption strategies from Harmonic Security's CTO on building developer-friendly governance that actually works.
🚨 Palo Alto's $3.35B Observability Bet Why Palo Alto’s $3.35B Observability Bet Signals the End of Vulnerability Management
This week's newsletter explores the strategic shift from siloed vulnerability management to unified exposure management, featuring insights from Brad Hibbert (COO & Chief Strategy Officer at Brinqa) on how enterprises can reduce risk at scale, plus analysis of major security acquisitions that signal the future of platform consolidation and AI-driven security operations.
🚨 Google Cloud Phishing Bypasses Email Security: Lessons from Anthropic's MCP Security Response
This week's newsletter examines sophisticated attacks exploiting legitimate cloud services—from Google Cloud's email features to AI agent tooling—and explores how enterprises like Anthropic are building secure-by-design systems. We feature insights from Caleb Sima and Ashish Rajan on implementing defense-in-depth architectures that assume breach and verify continuously.
🚨 Gemini Prompt Injection + Copilot Reprompt: Why LLMs Can’t Tell Instructions from Data
This week's newsletter examines critical prompt injection vulnerabilities across Microsoft Copilot, Google Gemini, and GitHub Copilot, alongside AWS CodeBuild's supply-chain risks. Learn from Ramp's Principal Security Engineer Antoinette Stevens about building engineering-led detection programs that scale with AI while maintaining human oversight, managing false positives, and balancing build-versus-buy decisions in 2026's threat landscape.
VMware ESXi Zero-Days Exploited for Year: Lessons from Dayforce's AI-FirstVulnerability Management Strategy
This week's newsletter covers critical enterprise vulnerabilities including year-long VMware ESXi exploitation by Chinese threat actors, HPE OneView's maximum-severity RCE flaw, and CrowdStrike's $740M identity security acquisition. Plus, Dayforce's Sapna Paul shares how AI is transforming vulnerability management from scan and patch workflows to continuous observation, detection, and model retraining.