Security News > 2025 > February > whoAMI attacks give hackers code execution on Amazon EC2 instances

2025-02-13 23:35
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. [...]
News URL
Related news
- Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal (source)
- Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Cisco Webex bug lets hackers gain code execution via meeting links (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)