This week in Cloud Security: Agentic AI, Hybrid Exchange Flaws & Public Sector Push

Your No-Fluff Security Roundup | 2nd - 8th Aug 2025

This week:

• Microsoft Exchange hybrid flaw enables stealth privilege escalation
• CyberArk achieves IRAP Protected status for Australian sovereignty workloads
• Tenable Cloud Security gains FedRAMP Moderate authorisation
• Sysdig launches “agentic AI” for automated CNAPP risk decisions
• Upwind adds cross-environment runtime visibility
• HPE expands built-in cloud security capabilities

Here’s what happened and why it actually matters.

🔎 Featured Story of the Week

Microsoft Exchange Hybrid Flaw Enables Stealth Privilege Escalation

🔗Read more at The Hacker News

CISA issued an alert for CVE-2025-53786, a flaw in hybrid Exchange environments that allows attackers with on-prem admin access to pivot into the cloud undetected. Microsoft urges urgent patching and log review.

‍Why this matters:
‍This isn’t theoretical. Hybrid Exchange setups are still everywhere, and this flaw bypasses typical detection. Treat this like an active compromise if you’re exposed.

Sovereignty, Policy, & Public Sector Shake-ups

CyberArk Achieves IRAP Protected Assessment for Aussie Cloud

🔗Read → SecurityBrief AU

CyberArk has secured IRAP “Protected” classification for its cloud environment, positioning it for more regulated workloads in Australia.

‍Why this matters:
‍ This IRAP milestone is a signal: global players are adapting fast to meet Australia’s increasing sovereignty demands especially as local cloud mandates expand.

Tenable Cloud Security Now FedRAMP Authorised

🔗Read → AWS Blog

Tenable’s cloud-native security platform has received FedRAMP Moderate authorization, now available through AWS Marketplace for U.S. federal agencies.

‍Why this matters:
‍As public sector procurement accelerates, security vendors must meet compliance to stay competitive. FedRAMP status is no longer a differentiator, it’s a requirement.

Forescout Achieves FedRAMP High ‘In Process’ Status

🔗Read → BusinessWire

Forescout is pursuing FedRAMP High certification to expand its zero-trust solutions across critical U.S. federal networks.

‍Why this matters:
‍ “High” status reflects trust for sensitive workloads and signals deeper public sector traction for zero-trust solutions.

Vendor Moves That Matter

Sysdig Introduces Agentic AI for Cloud Risk Prioritisation

🔗Read → MSSPAlert

Sysdig unveiled an “agentic AI” framework to automatically prioritise risks, streamline cloud detections, and reduce triage noise in CNAPP workflows.

Why this matters:
It’s not just AI for scanning, this is AI for decision-making. Agentic models that reason and act could reshape how teams handle signal overload in runtime.

Upwind Adds Full Runtime Visibility to CNAPP Suite

🔗Read → The Fast Mode

Upwind has added integrated runtime visibility across VMs, containers, and Kubernetes environments to its CNAPP offering.

Why this matters:
CNAPPs that can’t see what’s running can’t protect it. This runtime push closes the gap between visibility and enforcement especially in hybrid infra.

HPE Expands Cloud Security in Platform Update

🔗Read → HelpNetSecurity

HPE’s latest portfolio update includes enhancements to its cloud security automation and workload protection capabilities.‍

Why this matters:
Legacy infrastructure vendors are playing catch-up. Security is no longer a bolt-on, it’s baked into cloud platform value.

Earthling Security Launches CodeOps Cloud Platform

🔗Read → Yahoo Finance

Earthling Security debuted “CodeOps,” a platform that integrates DevSecOps principles with real-time compliance validation.‍

Why this matters:
This reflects a shift from “security tools” to “security cultures.” Compliance needs to happen as code, not after deployment.

Bugs, Breaches & Fixes of the Week

Amazon ECS Privilege Escalation Discovered

🔗Read → Dark Reading

Researchers found a privilege escalation flaw in Amazon ECS that allows role assumption via service-connected IAM hijacking. AWS has issued mitigation guidance.‍

Why this matters:
Cloud IAM is a double-edged sword and this is a reminder that misconfigured service roles can create massive lateral movement paths.

Reports, Roadmaps & Research

Multi-Cloud Fragmentation Putting Core Apps at Risk

🔗Read → Intelligent CISO

New research from AlgoSec and ESG finds 54% of enterprises say fragmented security controls across cloud providers are directly endangering critical applications.

‍Why this matters:
Too many clouds, not enough cohesion. Enterprises need unified policies, not just more tools, or complexity will continue to outpace control.

AI Security Now a Top Priority, Says Global Study

🔗Read → B2B Cyber Security / Thales

Thales’ 2025 Cloud Security Study reports that over 50% of orgs are prioritising AI security above other initiatives with model abuse, prompt injection, and data leaks topping concerns.

‍Why this matters:
The AI boom is now a board-level risk issue. Expect security budgets to shift toward model protection, inference monitoring, and data isolation controls.

🧠 TL;DR: What This Week Tells Us

• Hybrid risk is real — The Exchange flaw reminds us how dangerous on-prem to cloud privilege bridges can be.
  

• FedRAMP momentum is surging — Three separate public sector announcements show how vital compliance status is to vendor growth.
  

• AI in cloud security is evolving — From agentic models to budget priority shifts, “AI security” is no longer just about tools, it’s about decision-making and architecture.

• Visibility is the new battlefield — Runtime, IAM paths, and code compliance are where the next wave of innovation (and risk) is playing out.

‍

‍