Cloud Security Office Hours Banner

Friday, June 19, 2026 - Meeting Recap

AI's impact on cybersecurity, Microsoft Red Sun zero-day, HSBC password controversy

- Fortinet zero-days, phishing-as-a-service, and Europe's sovereignty shift

Quick recap. The 177th session opened on Fortinet's run of zero-days and why perimeter vendors keep drawing nation-state attention, then moved to practical AWS posture tooling. The group weighed open-source scanners like Checkov and Prowler, flagged an affordable phishing-as-a-service kit automating Microsoft 365 compromise, and discussed Europe's accelerating move toward digital sovereignty and away from US cloud providers.

2026-06VulnerabilitiesAIIndustry News
Show 5 discussion topics

Fortinet zero-days and perimeter risk

The group discussed Fortinet's ongoing zero-day vulnerabilities and the broader pattern of firewall and edge vendors becoming attractive nation-state targets by virtue of their perimeter position. Tyler pushed the point that administrative interfaces should never be internet-exposed, and the group noted how automated attack agents are maturing from simple exploit attempts toward methodical, reasoning-driven compromise.

Open-source AWS posture tooling

Tyler highlighted Checkov as a comprehensive open-source option for scanning infrastructure-as-code, and Juninho pointed to Prowler as another strong open-source scanner; AWS Security Hub and other tools also came up. The thread was a practical survey of free tooling for AWS cloud security posture management.

Phishing-as-a-service and Microsoft 365

Thomas raised a phishing-as-a-service offering (discussed as "Kali 365") that automates Microsoft 365 account-compromise campaigns for roughly $250 a month, including automatically scanning mailboxes for wire-transfer opportunities and sending contextual replies to victims. The group noted these kits lower the barrier for attackers, though the resulting volume can also make campaigns easier to detect; social engineering remains the common denominator.

AI agents and CRM data exposure

The group flagged concerns about Salesforce AI agents and a vulnerability rated CVSS 9.4 that could let external attackers exfiltrate sensitive CRM data, alongside frustration that multiple vendors were racing to claim discovery of the same supply-chain issue.

Europe's digital-sovereignty shift

Jay described European governments - the Netherlands, Germany, and France among them - moving away from US providers like AWS and Microsoft over data-sovereignty and geopolitical concerns, making long-term commitments to European cloud and technology alternatives despite current gaps in available options.

↑ All meeting recaps