https://cybercrime.club/tags/bucket-squatting/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usThu, 18 Jun 2026 11:11:42 -0400https://cybercrime.club/posts/vertex-ai-pickle-in-the-middle-bucket-squatting-cross-tenant-rce/Thu, 18 Jun 2026 11:11:42 -0400https://cybercrime.club/posts/vertex-ai-pickle-in-the-middle-bucket-squatting-cross-tenant-rce/Unit 42's 'Pickle in the Middle' shows how a predictable staging-bucket name in the Vertex AI Python SDK let an attacker hijack model uploads and run code cross-tenant. Patched in google-cloud-aiplatform 1.148.0.vulnerabilities