Two distinct but compounding cloud security issues affect all three major cloud providers this week. Unit 42 disclosed a systemic architectural flaw in which deleted cloud storage bucket names re-enter a first-come-first-served namespace pool, enabling any attacker with delete permissions to silently redirect audit logs and telemetry streams to attacker-controlled storage — with no configuration change observable by the victim. Separately, CrowdStrike-commissioned survey data documents that 94% of surveyed enterprises have experienced cloud intrusions attributable to control plane visibility gaps, alert fatigue, and tool fragmentation rather than novel attacks. Neither issue has a CVE assignment; both require architectural and operational responses.