Amazon AWS
Cybercriminals Exploit EC2 Instance Metadata Vulnerability to Launch Attacks on Hosted Websites
Cybercriminals have launched a sophisticated campaign targeting websites hosted on Amazon Web Services (AWS) EC2 instances.
This campaign, observed in March 2025, exploits a vulnerability in EC2 Instance Metadata...
Amazon AWS
86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration
A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler.
The database contained over 86,000 records,...
AI
LLMjacking – Hackers Abuse GenAI With AWS NHIs to Hijack Cloud LLMs
In a concerning development, cybercriminals are increasingly targeting cloud-based generative AI (GenAI) services in a new attack vector dubbed "LLMjacking."
These attacks exploit non-human...
Amazon AWS
New Phishing Attack Targets Amazon Prime Users to Steal Login Credentials
A new phishing campaign targeting Amazon Prime users has been identified, aiming to steal login credentials and other sensitive information, including payment details and...
Amazon AWS
Amazon Machine Image Vulnerability Allows Hackers to Publish Fake Resources
A new security vulnerability targeting Amazon Machine Images (AMIs) has emerged, exposing organizations and users to potential exploitation.
Dubbed the "whoAMI name confusion attack," this...
Amazon AWS
Chinese CDN Exploiting AWS & Microsoft Cloud to Host Malicious Websites
A recent investigation by cybersecurity firm Silent Push has revealed how a China-linked Content Delivery Network (CDN), known as FUNNULL, is exploiting major cloud...
Amazon AWS
Hackers Exploit AWS & Microsoft Azure for Large-Scale Cyber Attacks
Silent Push, a cybersecurity research firm, has introduced the term "infrastructure laundering" to describe a sophisticated method used by cybercriminals to exploit legitimate cloud...
Amazon AWS
AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for Amazon WorkSpaces, Amazon AppStream...
Amazon AWS
Amazon GuardDuty Enhanced With AI/ML Threat Detection Capabilities for Cloud Security
Amazon has taken a significant step forward to enhance the security of its cloud environment.
The introduction of advanced AI/ML threat detection capabilities in...
Amazon AWS
AWS CDK Vulnerabilities Let Takeover S3 Bucket
A significant security vulnerability was uncovered in the AWS Cloud Development Kit (CDK), an open-source framework widely used by developers to define cloud infrastructure...
Amazon AWS
Hackers Mimic Google, Microsoft & Amazon Domains for Phishing Attacks
Phishing remains a significant concern for both individuals and organizations. Recent findings from ThreatLabz have highlighted the alarming prevalence of phishing attacks targeting major...