#aws

A hacker group claiming affiliation with Anonymous says it breached GlobalX Airlines, leaking sensitive flight and passenger data…

A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents.

New research shows Google Cloud and smaller providers have the highest cloud vulnerability rates as compared to AWS…

TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach…

Frankfurt am Main, Germany, 30th April 2025, CyberNewsWire

WorkComposer, an employee monitoring app, has leaked millions of screenshots through an unprotected AWS S3 bucket.

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruder’s bug-hunting team, reveal how attackers turn overlooked flaws into serious security incidents. 1. Stealing AWS Credentials with a Redirect Server-Side Request Forgery (SSRF) is a

A list of topics we covered in the week of April 21 to April 27 of 2025

A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one of those code bundles shows it is remarkably similar to a program published in January 2025 by Marko Elez, a 25-year-old DOGE employee who has worked at a number of Musk's companies.

## Summary [Amazon.IonDotnet (ion-dotnet)](https://github.com/amazon-ion/ion-dotnet) is a .NET library with an implementation of the [Ion data serialization format](https://amazon-ion.github.io/ion-docs/). An issue exists in Amazon.IonDotnet and the RawBinaryReader class where, under certain conditions, an actor could trigger an infinite loop condition. ## Impact When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the binary format. If the Ion data is malformed or truncated, this triggers an infinite loop condition that could potentially result in a denial of service. **Impacted versions: <=1.3.0** ## Patches This issue has been addressed in Amazon.IonDotnet version [1.3.1](https://github.com/amazon-ion/ion-dotnet/releases/tag/v1.3.1). We recommend upgrading to the latest version and ensuring any forked or derivative code is patched to incorp...