CloudSEK Logo
Home
Product
Nexus
AI-Powered Command Center and Cyber Risk Quantification
XVigil
External Digital Risk Protection
BeVigil
External Attack Surface Monitoring
SVigil
Software and Supply chain Risk Monitoring and Protection
Threat Intelligence
Cyber Threat Intel, IAVs, Threat Actor Directory & More
BeVigil Community
Application Scanner
Exposure
Check if your organisation's data is in a data breach
Solutions
Cyber Threats Monitoring
Dark web monitoring
Brand Threats Monitoring
Infrastructure Monitoring
Partner Secret Scanning
BeVigil Jenkins CI
BeVigil OSINT CLI
BeVigil Asset Explorer
Resources

Resources

Blog
The latest industry news, updates and info.
Threat Intelligence
Get up and running on new threat reports and techniques.
Knowledge Base
Basics of Cybersecurity and see more definitions
Whitepapers & Reports
The content team broke their backs making these reports.
Customer stories
Learn how our customers are making big changes. You have got good company!
CloudSEK Academy
Be CloudSEK certified!

Company

Integrations
We are more connected than you know. Explore all Integrations
Partners
100s of partners and one Shared goal; Secure future for all us.
About us
Learn about our story and our mission statement.
Life at CloudSEK
A sneak peek at the awesome life at CloudSEK.
Careers
We're hiring!
We are in love with undeniable talent. Join our team!
Legal
All the boring but necessary legalese that legal made us add.
Compliance
Proven compliance with top security benchmarks.
Events
Explore webinars, panels, and meetups powered by CloudSEK.

Resources

Blog Posts

AMOS Variant Distributed Via Clickfix In Spectrum-Themed Dynamic Delivery Campaign By Russian Speaking Hackers
AMOS Variant Distributed Via Clickfix In Spectrum-Themed Dynamic Delivery Campaign By Russian Speaking Hackers
Read Now
All Blog Posts

Whitepapers & Reports

Quarterly IAV Roundup: Initial Access & Database Brokers
Quarterly IAV Roundup: Initial Access & Database Brokers
Read the Report now!
All Reports
Log in
Schedule a Demo
Niharika Ray

Niharika Ray

Blogs & Articles

Read all Blogs from this Author

Blog image
50,000+ Azure AD Users Exposed via Unsecured API: BeVigil Uncovers Critical Flaw

An unsecured API endpoint buried inside a JavaScript file gave attackers the keys to the kingdom—direct access to sensitive Microsoft Graph data of thousands of employees, including top executives. CloudSEK’s BeVigil platform uncovered how this silent slip could lead to identity theft, phishing attacks, and regulatory nightmares. Here’s how it unfolded—and what your organization must do to stay safe.

Read More
Blog image
Exposed and Exploitable: How an LFI Flaw Left a Travel Giant’s Server Files Open to Hackers

A single misconfigured endpoint. That’s all it took to expose root-level server access, hardcoded credentials, and sensitive configs of a major travel platform. In this gripping exposé, CloudSEK’s BeVigil unpacks how a seemingly minor oversight escalated into a full-blown Local File Inclusion (LFI) vulnerability—no authentication required. From source code leaks to credential harvesting, discover how attackers could’ve breached the entire infrastructure—and what your organization must do to avoid the same fate.

Read More
Next

Whitepapers and Reports

Read all Whitepapers and reports from this Author

No White papers or Reports found.

Knowledge Base

Read all knowledge base articles from this Author

No Knowledge base articles found.
Join our newsletter
We’ll send you a nice letter once per week. No spam.
Untitled UI logotextLogo
Product
XVigil
BeVigil
SVigil
New
Tutorials
Pricing
Releases
Company
About us
Careers
Press
News
Media kit
Contact
Resources
Blog
Newsletter
Events
Help centre
Tutorials
Support
Use Cases
Startups
Enterprise
Government
SaaS
Marketplaces
Ecommerce
Social
Twitter
LinkedIn
Facebook
GitHub
AngelList
Dribbble
© 2077 Untitled UI
PrivacyGDPRDisclosure of Vulnerability
Products
XVigil
BeVigil Enterprise
SVigil
BeVigil
CloudSEK Exposure
Mobile App
Google Play button to download App
Solutions
Cyber Threats Monitoring
Dark Web Monitoring
Brand Threat Monitoring
Infra Threat Monitoring
Partners Secret Scanning
BeVigil Jenkins CI
BeVigil OSINT CLI
BeVigil Asset Explorer
Takedowns
Resources
Blogs and Articles
Threat Intelligence
Whitepapers and Reports
Knowledge Base
Integrations
Community
Discord Community
Company
About us
Customers
Partners
Life at CloudSEK
Secure Sips
Careers
Announcements
Press
Contact Us
CloudSEK Logo
Linkedin Icon

At CloudSEK, we combine the power of Cyber Intelligence, Brand Monitoring, Attack Surface Monitoring, Infrastructure Monitoring and Supply Chain Intelligence to give context to our customers’ digital risks.

GDPR Policy
Privacy
Vulnerability Disclosure
DPA
Cookies Policy
Subscribe our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.