
This Week in Cloud Security: Misconfigs, Sovereignty Fights & Real-Time CNAPPs

Posted
August 4, 2025
Danny Perry
Co-Founder, Content Director
Clutch Events

Your No-Fluff Security Roundup | 4th - 11th July 2025

This week:

  • 26M CVs leaked via a misconfigured Azure Blob
  • Europe tightens its grip on cloud sovereignty
  • NVIDIA patches a critical Kubernetes flaw
  • CNAPP and cloud-native security just got smarter

    Here's what happened and what actually matters.

    🔎 Featured Story of the Week

    26 Million CVs Leaked via Azure Misconfiguration

    🔗Read more at ITPro.

    Recruitment platform TalentHook left an Azure Blob storage container wide open, exposing millions of CVs. The data included full names, emails, and detailed work history.

    Why it stands out:

    No APT. No zero-day. Just a textbook misconfig, leading to one of the biggest exposure events this year. A sharp reminder that even basic mistakes can create headline breaches.

    Sovereignty, Policy, & Public Sector Shake-ups

    AWS Doubles Down on European Sovereign Cloud

    🔗Read → AWS Blog

    AWS handed operational control to EU-based entities under its new EU Trust Service Provider (EU-TSP). It's a major move in the ongoing sovereignty arms race.

    What this signals:

    Sovereignty is no longer marketing fluff. Expect stricter procurement policies in finance, health, and government as hyperscalers adapt.

    Brussels Under Fire for Hyperscaler Dependency

    🔗Read → Centre for Data Innovation

    Despite promises of "digital autonomy", the EU keeps awarding contracts to US cloud giants. Critics are speaking up.

    The Bigger Picture:

    This isn’t just policy posturing. It’s shaping the cloud vendor landscape in Europe. Watch for more in-region mandates and tighter qualification frameworks.

    Government Cloud: High Ambition, Low Visibility

    🔗Read → SC World

    Public agencies going multicloud are hitting roadblocks: scattered tools, blind spots, and compliance delays tied to outdated procurement.

    What teams are learning:

    Being "cloud-first" doesn’t equal "cloud-secure". Public sector CISOs are being pushed to streamline tooling without sacrificing delivery speed.

    Vendor Moves That Matter this Week

    CoreStack Debuts Graphion: AI-Native CNAPP

    🔗Read → Cincinnati.com

    Graphion blends CSPM and AppSec into a single AI-driven control layer. It’s designed to enforce security posture in real time, not after the fact.

    Why this matters:

    Security is catching up to DevOps velocity and the bar has shifted. Platforms need to be smart enough to act, not just alert.

    Aviatrix Unveils Cloud Native Security Fabric

    🔗Read → Security Boulevard

    Segmentation, encryption, and policy enforcement are now baked directly into the network layer. Aviatrix is calling it CNSF: Cloud Native Security Fabric.

    Think about it this way:

    Security is moving out of the SOC and into the infrastructure. This is what architectural security at scale looks like.

    Cato Networks Raises $359M to Expand Secure Edge

    🔗Read → Fintech Global

    Backed by fresh funding, Cato is scaling out AI-driven SASE with a focus on AI-driven consolidation.

    Key Takeaway:

    Buyers don’t want stitched-together point tools anymore. Cohesive, unified platforms are the new endpoint for cloud and network security.

    Rackspace Goes Open Source for Private Cloud

    🔗Read → ITPro

    Built on OpenStack, Rackspace’s new private cloud targets performance-heavy and regulated workloads.

    Why It’s a Big Deal:

    It’s an alternative to hyperscaler lock-in, especially for cost-conscious teams in finance and healthcare.

    Sysdig Launches Global Open Source Security Hub

    🔗Read → Silicon Canals

    Sysdig rolled out a global OSS community supporting tools like Falco and Wireshark with mentoring, training, and certification.

    Why this matters:

    Open source is powerful, but without education, it’s risky. This is how you build trustworthy security from community tools.

    Bugs, Breaches & Fixes of the Week

    NVIDIA Fixes Critical Kubernetes Escape Vulnerability

    🔗Read → Dark Reading

    A 9.0-rated CVE in NVIDIA’s Container Toolkit allowed container breakout and full host control. Patch is live.

    Bottom Line:

    If you’re running AI on GPU-backed K8s clusters, this isn’t optional. It’s urgent. Isolation boundaries just got tested.

    Reports, Roadmaps & Research

    Thales Cloud Security Study: Encryption Low, Distraction High

    🔗Read → SC World

    Only 8% of orgs encrypt most of their sensitive cloud data. Meanwhile, security budgets are drifting toward shiny AI tools - away from IAM and MFA.

    What to Take Away:

    It’s not just about what you’re investing in, it’s what you’re neglecting. Most real-world breaches still stem from neglected basics. Don’t let core controls rot.

    SA Power Networks Launches 5-Year Cyber Strategy

    🔗Read → ITNews

    The utility’s roadmap zeroes in on IAM, SASE, OT risk, and cloud-native governance. It’s a full-spectrum resilience push.

    Why it’s Smart:

    Critical infrastructure isn’t just a buzzword. It’s a target. Plans like this are how you stop reacting and start building security into the core.

    📖 TL;DR: What This Week Tells Us

    ✅ Misconfigs are still breaking things
    🧠 Real-time enforcement is the new standard
    🏗️ Security is shifting from reactive tools to proactive architecture
    🌍 Sovereignty is shaping vendor strategy
    📉 Core controls like IAM and MFA remain critically underfunded


    If your security stack isn’t helping you move faster and safer, it’s time to rethink the architecture - not just the alerts.
