Security News > 2025 > February > New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
2025-02-14 18:42
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. "If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report
News URL
https://thehackernews.com/2025/02/new-whoami-attack-exploits-aws-ami-name.html
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- WordPress security plugin WP Ghost vulnerable to remote code execution bug (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks (source)
- ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)