New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account.
"If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report

Headline

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

The Hacker News: Latest News