Researchers uncovered a critical vulnerability in Amazon Web Services (AWS) involving Amazon Machine Images (AMIs). Dubbed the “whoAMI” attack, this exploit leverages a name confusion attack, a subset of supply chain attacks, to gain unauthorized code execution within AWS accounts. The vulnerability arises from misconfigured software that retrieves AMIs without properly specifying trusted owners, potentially […]
The post Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource appeared first on Cyber Security News.
This article has been indexed from Cyber Security News