Rapid exploitation of newly disclosed cloud-facing third-party flaws

Threat actors are exploiting newly disclosed third-party flaws against **cloud environments** within days of disclosure, shrinking the window for defensive action. Available evidence highlights remote code execution bugs such as **CVE-2025-55182** and **CVE-2025-24893** as prominent examples, and says bug exploits accounted for 44.5% of investigated intrusions while credentials accounted for 27%. In some incidents, cryptominers appeared within 48 hours of disclosure, showing that exploitation can move from publication to abuse very quickly. The main defensive response is to treat newly disclosed cloud-facing RCE issues as urgent: apply vendor mitigations, follow applicable **BOD 22-01** guidance for cloud services, and check exposed instances for compromise after remediation. Available evidence does not identify a victim list or exact reach, so the confirmed pattern is a fast-moving exploitation wave against cloud-facing software with an unquantified footprint.