ITWire21d
Datadog identifies whoAMI attack; 4% of orgs vulnerable
Datadog’s Security Labs team recently identified a whoAMI attack, a vulnerability in AWS’s Amazon Machine Image (AMI) that could be used to gain access to thousands of accounts if executed at ...
TechRadar24d
Amazon EC2 instances could be under fire from whoAMI technique giving hackers code execution access
A flaw named WhoAMI was found in Amazon Machine Image It allows threat actors to gain RCE abilities on people's AWS accounts A fix has been released, but many users are still yet to update Amazon ...
CSOonline27d
whoAMI name confusion attacks can expose AWS accounts to malicious code execution
Researchers have demonstrated that the attack vector “whoAMI” can impact many private and open-source code repositories. Over 10,000 AWS accounts are vulnerable to this attack, about 1% of the ...
The Hacker News27d
New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution ...
Bleeping Computer27d
whoAMI attacks give hackers code execution on Amazon EC2 instances
Dubbed "whoAMI," the attack was crafted by DataDog researchers in August 2024, who demonstrated that it's possible for attackers to gain code execution within AWS accounts by exploiting how ...
The Hacker News1mon
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it ...