More results...
The JFrog Security Research team has uncovered a sophisticated malicious package named “chimera-sandbox-extensions” on the Python Package Index (PyPI), a widely used repository for Python software. Uploaded by a user identified as “ch…
In May 2025, AWS disclosed a critical remote code execution (RCE) vulnerability, CVE-2025-4318, in the @aws-amplify/codegen-ui package—a core dependency for AWS Amplify Studio’s UI code generation pipeline. The flaw, rated 9.5 on the CVSS scale, stemme…
Infoblox reveals Hazy Hawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec…
Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving …
A new AWS study finds generative AI has become the top budget priority for 2025, surpassing cybersecurity, as businesses accelerate adoption and face talent gaps.
The post AWS Study: Generative AI Tops Corporate Budget Priorities, Surpassing Cybersecurity appeared first on eSecurity Planet.
Security researchers at Elastic have recreated the intricate details of the February 21, 2025, ByBit cryptocurrency heist, where approximately 400,000 ETH-valued at over a billion dollars-was stolen. Attributed to North Korea’s elite cyber unit, Trader…
New research shows Google Cloud and smaller providers have the highest cloud vulnerability rates as compared to AWS…
A recent investigation by security researchers has exposed critical vulnerabilities in the default IAM roles of several Amazon Web Services (AWS) offerings, including SageMaker, Glue, and EMR, as well as open-source projects like Ray. These roles, ofte…
Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn…
YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs and bucket policies – including the complex combinations of account and …