CloudSEK

New supply chain threat uncovered CloudSEK TRIAD found an npm campaign using crypto-javascri, a typosquatted package impersonating crypto-js. It steals npm/GitHub credentials, hijacks maintainer accounts, and uses Tor-based C2 to stay harder to disrupt. cloudsek.com/blog/inside-a-…

What if the cyber reconnaissance came before the missiles? CloudSEK’s latest report explores alleged APT35 activity across GCC targets, from aviation to energy, and why defenders should pay close attention to the region’s cyber risk now. cloudsek.com/blog/kitten-ha…

What developers thought was harmless is now access to AI. CloudSEK found 32 hardcoded Google API keys across 22 Android apps — used by 500M+ users — now exposing access to Gemini AI. No warning. Just risk. cloudsek.com/blog/hardcoded…

That “free gift” link isn’t random. It’s engineered. CloudSEK exposes a global network abusing 300+ brands to profile users and funnel them into scams. Phishing is now targeted, scalable, and industrial. Read: cloudsek.com/blog/large-sca…

CloudSEK Triad has published a detailed investigation into the RAMP cybercrime forum, covering its operations and working from 2021 through its seizure by the FBI in January 2026. Read the full report: cloudsek.com/blog/the-rise-…

Attackers don’t need to build AI anymore. They just need to break it. This report shows how AI pipelines, not models, are becoming the weakest link in modern cyber conflict. Dive in: cloudsek.com/blog/ai-infras…

Iran–US escalation is pushing cyber risk into critical infrastructure. CloudSEK’s new report maps ICS/OT threat actors and shows why disruption may not need advanced exploits. In many cases, internet exposure + weak/default access is enough. cloudsek.com/blog/a-threat-…

CloudSEK x Commvault New integration to tackle exposed credentials on the dark web—bringing real-time credential intelligence into Active Directory security workflows. cloudsek.com/ancmt/commvaul…

Cyber war escalates in the Middle East ⚠️ After Israel–U.S. strikes on Iran, the region faces the largest cyberattack in history: 🔹 150+ hacktivist incidents 🔹 AI‑driven campaigns on Gulf states 🔹 Global risks to energy, finance & IT Read: cloudsek.com/blog/middle-ea…

Denied a US visa in 2012 at 23. Funded with 10 million dollars by a US state at 37. In 2012, Rahul Sasi from Mavelikkara, Kerala, was invited to present his cybersecurity research at the globally respected Black Hat Briefings in the United States. But at the visa interview, authorities questioned his low salary, his lack of a completed degree, and how a BTech dropout could qualify for such a conference. Despite an official invitation, his visa was denied. The rejection hurt. But it sparked a resolve. He would not return to the US until he could create jobs there. Diagnosed with ADHD as a child, Rahul often struggled in structured classrooms. In 2010, he dropped out of engineering to pursue an internship with iSIGHT Partners, later acquired by Google Cloud. He moved to Pune, lived frugally, and poured every spare hour into cybersecurity research. In 2015, he founded CloudSEK. In early 2026, CloudSEK raised 10 million dollars from Connecticut Innovations, marking its return to America, this time as a founder building opportunity. Sometimes rejection is not the end of the story. It is where it begins. @cloudsek #RahulSasi #CloudSEK #StartupIndia #CyberSecurity [Rahul Sasi, CloudSEK, cybersecurity startup]

🇨🇦 Canada targeted by evolving e-crime tactics! From Paytool to smishing, fraud, and malware—CloudSEK tracks rising digital threats coordinated via Telegram and underground forums. 🔍 Stay ahead with our latest threat intel report: cloudsek.com/blog/pivoting-…

🚨 Crypto users alert CloudSEK has uncovered a Discord-based cryptojacking campaign using clipboard-hijacking malware to silently replace wallet addresses and steal funds. Gamers & crypto communities are key targets. Read more: cloudsek.com/blog/humint-op…

Big milestone for Indian cybersecurity 🇮🇳🇺🇸 CloudSEK becomes the first Indian-origin cybersecurity firm to receive investment from a U.S. state-backed venture fund, with backing from Connecticut Innovations (Series B2). Indian cyber innovation goes global.

Big moment for Indian cybersecurity 🇮🇳🇺🇸 CloudSEK becomes the first Indian-origin cyber firm to receive investment from a U.S. state-backed fund, with backing from @CT_Innovate (Series B2). Read More: cloudsek.com/ancmt/cloudsek…

CloudSEK TRIAD identifies #MuddyWater leveraging spearphishing & icon spoofing to deliver #RustyWater—a new Rust-based implant targeting Middle East diplomatic & industrial sectors. Sustained activity seen across financial & maritime sectors. Report: cloudsek.com/blog/reborn-in…

CloudSEK TRIAD discovered Silver Fox APT targeting India with Valley RAT via Income Tax phishing. Infrastructure pivoting revealed 10+ related domains with China nexus hosting. Previously misattributed to SideWinder. cloudsek.com/blog/silver-fo… #APT #SilverFox #ValleyRAT

Proud to join forces with @seedgroupme , a company of The Private Office of Sheikh Saeed bin Ahmed Al Maktoum. CloudSEK is the first active Indian cybersecurity firm to bring AI-powered threat intelligence to UAE & MENA. Safeguarding digital futures together. #AI #MENA

🎉 Exciting news! CloudSEK is bringing a raffle to @bsidesahmedabad 2025 🎉 Prizes include: 🎮 PS5 (Slim) 📱 Apple 2025 iPad 🔊 Marshal Embertron II 📖 Amazon Kindle 🗓️ Sept 12–13, 2025 Which prize would you love to win? 👇

🚨 Cybercriminals are cashing in on Ganesh Chaturthi with fake idol sales, phishing sites & bogus festive offers. CloudSEK’s latest report reveals how scams exploit faith & celebration. 🔗 Read full investigation: cloudsek.com/blog/ganesh-ch…

🚨 CloudSEK uncovers a malware campaign targeting Indonesia’s seniors by impersonating state pension fund TASPEN. A fake Android app steals banking details, OTPs & biometrics—eroding trust in govt digital services. Full report 👉 cloudsek.com/blog/taspen-ma…