Cloud Security Wire
AWS Azure GCP RSS
Security Intelligence

All Analysis

56 articles — misconfigurations, breach analyses, hardening guides, and CVE deep-dives.

Provider:
Type:
Multi-Cloud Misconfiguration high

Exposed AI Inference Endpoints: Hardening LiteLLM and Ollama in Cloud Environments

Research published in mid-2026 documented systematic exploitation of exposed LiteLLM deployments and unauthenticated Ollama endpoints for compute theft, credential exfiltration, and autonomous attack operations. This guide covers how these services get exposed in cloud environments, the specific cloud misconfigurations that enable it, and the hardening steps to close the exposure.

Read →
GCP Hardening Guide high

GCP VPC Service Controls: What They Actually Prevent (and Where Misconfigurations Leave Gaps)

VPC Service Controls are Google Cloud's mechanism for creating security perimeters around GCP services and preventing data exfiltration. They are widely misunderstood, frequently misconfigured, and often deployed in ways that provide false confidence. This guide covers how they work, the common gaps, and how to verify your perimeters are actually doing what you think.

Read →
GCP Misconfiguration high

GCP Artifact Registry Security: Public Repositories, Overpermissive IAM, and Secrets in Container Layers

GCP Artifact Registry is increasingly a source of supply chain risk in Google Cloud environments — through publicly accessible repositories, overpermissive service account bindings, and secrets baked into Docker image layers. This guide covers the three primary misconfiguration classes, audit commands, and the remediation steps that eliminate the exposure.

Read →
GCP Misconfiguration

GCP Workload Identity Federation: Attack Paths When the Trust Rules Are Too Broad

Workload Identity Federation replaces GCP service account key files with keyless, short-lived tokens. But misconfigured pool trust rules — particularly those federating with GitHub Actions or multi-tenant identity providers — create privilege escalation paths that attackers are actively exploiting. Here is what the attacks look like and how to audit your federation configuration.

Read →