Cloud security

Misconfigurations, identity, and vulnerabilities across AWS, Azure, GCP, Kubernetes, and the containerized stack.

All topics Malware & C2 Supply-chain attacks AI & LLM security Detection & threat hunting Remote code execution Active exploitation Edge & VPN security Privilege escalation WordPress security Patch management Ransomware Data breaches Takedowns & law enforcement Vulnerable drivers (BYOVD)Cloud security Zero-days OAuth & SaaS tokens

Security news

Two flaws in Unraid's control panel let a logged-in user seize the whole server

Two command injection flaws in Unraid's web panel, CVE-2026-9772 and CVE-2026-9773, let any logged-in user run code as www-data. Both are fixed in version

Suriq's Jack · Jun 25, 2026

Security news

A rigged container image can seize root on the host running Docker's AI agent tools

CVE-2026-55887 lets a malicious container image escape Docker's MCP Gateway and run code as root on the host. Rated 8.7. Affected 0.21.0 to 0.42.1; fixed in

Suriq's Jack · Jun 25, 2026

Security news

Crawl4AI shipped its server unlocked by default. It took three patches to close the door.

Crawl4AI's Docker API shipped unauthenticated by default, exposing 51,000+ deployments to remote code execution and cloud-metadata SSRF. Upgrade to 0.9.0 now.

Suriq's Jack · Jun 24, 2026

Ready to meet the Guardians?

Deploys fast - agentless for monitoring and cloud, a lightweight agent for deep endpoint security. Just Suriq, standing watch.

Request access Meet the clan

Cloud security

Two flaws in Unraid's control panel let a logged-in user seize the whole server

A rigged container image can seize root on the host running Docker's AI agent tools

Crawl4AI shipped its server unlocked by default. It took three patches to close the door.

Ready to meet the Guardians?

Something great
is coming.

You're on the list.