Cloud security threats are escalating rapidly as cloud attacks become faster and more sophisticated. A new report from Google Cloud warns that attackers are now exploiting vulnerabilities within days of disclosure, dramatically reducing the time organizations have to respond.
According to the report, based on observations from the second half of 2025, the window between vulnerability disclosure and mass exploitation has shrunk from weeks to just days. This acceleration, in particular, is driven by automation and AI-assisted reconnaissance that help attackers identify weaknesses rapidly. Meanwhile, instead of attacking major cloud providers like アマゾンウェブサービス, マイクロソフト アジュール、 Googleクラウド directly, cybercriminals target unpatched third-party software. For example, the React Server Components vulnerability, React2Shell (CVE-2025-55182), was exploited within 48 hours of its disclosure.
Another attack involved a vulnerability in the XWiki Platform (CVE-2025-24893). Although the flaw was patched in 2024, delayed patch deployment allowed attackers to exploit it months later for remote code execution and crypto-mining operations.
The report also documents complex supply chain attacks. In one incident, the state-linked group UNC4899 targeted a developer with a malicious archive disguised as an open-source collaboration project. The file installed malware that impersonated a Kubernetes command-line tool, allowing attackers to gain access to the corporate environment.
Identity-based attacks are also increasing. According to the report, 21% of incidents involved stolen identities or compromised trusted relationships with third parties. Other techniques included voice-based phishing (17%), email phishing (12%), and exploitation of misconfigured infrastructure assets.
To defend against these threats, Google Cloud recommends stronger patch management, improved identity and access controls, network monitoring, and prepared incident response plans. The report also suggests that automated and AI-assisted security defenses may be necessary to counter increasingly automated cyberattacks.
As cloud adoption continues to grow, organizations must respond quickly to vulnerabilities and strengthen their security posture to prevent attackers from exploiting increasingly short attack windows.
重要なポイント:
- Cloud attacks now occur within days of vulnerability disclosure.
- Attackers increasingly target third-party software integrated into cloud environments.
- Identity compromise and social engineering are growing attack vectors.
- Supply chain attacks can provide attackers with direct access to corporate systems.
- Automated security defenses are becoming essential for cloud protection.
ソース:
https://www.zdnet.com/article/google-cloud-threat-report-third-party-software-ai-attacks/
