A sophisticated threat actor has leveraged a private Out-of-band Application Security Testing (OAST) service hosted on Google Cloud to conduct large-scale attacks targeting over 200 CVEs, primarily focusing on Canary Systems in Brazil. Researchers from VulnCheck noted approximately 1,400 exploit attempts, employing modified Nuclei templates and custom Java payloads to probe vulnerabilities, including a notable remote code execution flaw in Ivanti Endpoint Manager Mobile. Utilizing Google Cloud infrastructure, the attackers can blend malicious activities with legitimate traffic, complicating defenses. Security teams are urged to monitor callbacks to the domain detectors-testing.com and ensure patching against the identified vulnerabilities, emphasizing the critical need for ongoing network vigilance and regular vulnerability assessments.