Researchers uncovered a critical vulnerability in Amazon Web Services (AWS) involving Amazon Machine Images (AMIs). Dubbed the “whoAMI” attack, this exploit leverages a name confusion attack, a subset of supply chain attacks, to gain unauthorized code execution within AWS accounts. The vulnerability arises from misconfigured software that retrieves AMIs without properly specifying trusted owners, potentially
The post Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource appeared first on Cyber Security News. Read More