SiliconANGLE

AWS IAM credentials at risk: EleKtra-Leak operation revealed by Unit 42

A new report from Palo Alto Networks Inc.’s Unit 42 warns of a new active campaign targeting exposed Amazon Web Services Inc. identity and access management credentials within public GitHub ...
Business Wire

YouAttest Unifies, Automates, and Simplifies Cloud IAM Audits for Hybrid AWS Enterprises

IRVINE, Calif.--(BUSINESS WIRE)--SYouAttest®, a leading provider of Identity Audit and Compliance tools, introduced a new solution that creates a “single source of truth” for security and risk ...
CSOonline

ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access. At Black Hat USA 2025, ...
Bleeping Computer

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management ...