CATEGORIES

CloudSEK Success Stories

Articles in Blog Posts

April 11, 2025

How a Misconfiguration Led to Leaked Customer Data and Security Credentials

A misconfigured backup file exposed sensitive customer data, internal credentials, cryptographic keys, and decompiled source code of a major bank—revealing how a single oversight can lead to a dangerous security spiral. Discovered by BeVigil during an infrastructure risk assessment, the breach highlights the urgent need for secure backup practices and continuous attack surface monitoring. Dive into the full report to understand how this exposure could have enabled identity theft, unauthorized access, and deeper system compromise.

Written by

Niharika Ray

April 10, 2025

Protecting Your Brand in the Digital Age: Fake Pages & Channels Monitoring by CloudSEK’s XVigil

In today’s digital-first world, fake pages, channels, and impersonation scams are rising fast—posing real threats to your brand’s reputation, customer trust, and bottom line. CloudSEK’s XVigil offers an intelligent solution with real-time detection and takedown of fraudulent content across platforms like Facebook, LinkedIn, Telegram, and more. This report highlights real-world cases of online brand abuse and shows how XVigil proactively protects against evolving digital threats. Discover how your organization can stay ahead of impersonators and ensure a safer, trusted presence online. Read the full report to see XVigil in action and why it’s essential for modern brand protection.

Written by

Anjali Bhavesh Thacker

April 10, 2025

USD 110M Loan Portfolio at Risk Due to Vendor’s Apache Superset Insecure Default Initialization of Resource Vulnerability [CVE-2023-27524]

CloudSEK’s SVigil identified a critical Apache Superset vulnerability (CVE-2023-27524) exposing a major financial institution’s sensitive loan data worth over USD 110 million. Swift detection allowed immediate remediation, preventing potential financial fraud, regulatory repercussions, and severe reputational damage. Explore how proactive digital monitoring by SVigil safeguards enterprises from significant data breaches.

Written by

Hansika Saxena

March 28, 2025

How an Exposed Jenkins Instance Led to a Full-Scale Infrastructure Compromise

What started as a single exposed Jenkins instance quickly snowballed into a full-blown infrastructure compromise—complete with remote code execution, leaked AWS keys, and customer PII exposure. In this real-world case uncovered by CloudSEK’s BeVigil, we break down how a seemingly minor CI/CD misconfiguration opened the floodgates for attackers. Dive in to see how the breach unfolded, the domino effect it triggered, and the critical lessons every organization must learn.

Written by

Niharika Ray

March 27, 2025

How SVigil Prevented a Massive Supply Chain Breach in Banking Infrastructure?

In today’s hyper-connected financial ecosystem, a single compromised vendor can jeopardize the security of an entire banking infrastructure. CloudSEK’s SVigil platform uncovered exposed credentials belonging to a key third-party communication provider, putting millions in operational credit, sensitive customer data, and critical cloud infrastructure at risk. This real-time discovery not only thwarted a large-scale breach but also highlighted glaring gaps in cloud access controls, MFA implementation, and vendor security hygiene. Dive into this case study to understand how SVigil turned a potential cyber catastrophe into a story of resilience and rapid response.

Written by

Hansika Saxena

March 26, 2025

Unsecured Loans: How Hidden Flaws in Digital Lending Platforms Could Cripple Your Fintech Business

As fintechs rush to simplify lending, they’re also unknowingly exposing massive security blind spots—exposed APIs, weak authentication, and zero encryption. This blog dives into real-world findings from BeVigil scans that uncovered full account takeovers and critical data leaks in major banking platforms. If you're in digital lending, this isn’t just a wake-up call—it’s your blueprint to survival.

Written by

Niharika Ray

Articles in Threat Intelligence

November 15, 2023

Critical CSRF Vulnerability in IBM CICS TX - CVE-2023-42027 Demands Immediate Action

CVE-2023-42027 IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multi platforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts

November 6, 2023

CVE-2023-43792 baserCMS is a website development framework vulnerable to Code Injection attacks

CVE-2023-43792 is a code injection vulnerability in the mail form of baserCMS versions 4.6.0 to 4.7.6. This vulnerability allows an attacker to inject arbitrary code into the baserCMS application, which could then be executed by other users of the application.

November 6, 2023

CVE-2023-4197 Vulnerability in Dolibarr ERP CRM 18.0.1 Allows PHP Code Injection

CVE-2023-4197 Improper input validation in Dolibarr ERP CRM v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code

September 8, 2023

Hoze shell script dropped along with XMRig miners on misconfigured SSH Servers by Brute Forcing

CloudSEK’s Threat Intelligence Team uncovered a campaign, actively running from the past 1.8 years, that attacks and brute forces the SSH. 

September 4, 2023

3,20,000+ Patient Records From Ayush Jharkhand Gov. In Shared On Dark Web Hacking Forums

A hacker known as Tanaka has exposed over 320,000 patient records from ayush.jharkhand.gov.in, detailing personal and medical information. The 7.3 MB database leak includes sensitive data from the AYUSH ministry's site

August 28, 2023

Rogue Scripts Are Exploiting OTP Verification APIs To Send Heaps of OTP SMSes, Hold The Potential Of Triggering Service Disruptions.

Discover how CloudSEK's AI-powered XVigil platform identified concerning GitHub repositories mentioning Indian companies and their APIs.

Join 10,000+ subscribers

Keep up with the latest news about strains of Malware, Phishing Lures,
Indicators of Compromise, and Data Leaks.