AWS Security Digest #256 - TY Mythos

AWS Security Digest, Apr 13, 2026

Key Takeaways

  • AWS accidentally deployed a test IAM managed policy to production
  • Mythos‑reported vulnerability appears in AWS security bulletin 2026‑015
  • AgentCore sandbox allows DNS exfiltration and IAM “God Mode” escalation
  • notyet tool exploits 4‑second IAM key revocation lag to create fresh identities
  • Amazon Linux 2023 updates address over 30 critical CVEs across core packages

Pulse Analysis

The accidental release of a test IAM managed policy underscores a perennial challenge for cloud operators: ensuring that development artifacts never reach production. While IAM Trail’s detection prevented immediate damage, the episode reveals that automated policy pipelines lack sufficient gatekeeping. Organizations should enforce immutable policy repositories, require multi‑person approvals, and integrate real‑time monitoring to catch such anomalies before they affect live workloads.

The appearance of a Mythos‑identified flaw in bulletin 2026‑015 marks a watershed moment for AI‑assisted vulnerability discovery. Project Glasswing, backed by $100 million in usage credits, equips AWS with large‑scale code‑analysis capabilities that can surface decades‑old bugs, as seen with the OpenBSD and FFmpeg findings. This partnership signals that future security bulletins may increasingly cite Mythos discoveries, urging customers to adopt continuous scanning and to stay abreast of AWS‑issued mitigations.

Separately, the AgentCore sandbox escape and the notyet tool highlight systemic weaknesses in isolation and IAM propagation. AgentCore’s DNS loophole and unrestricted IAM role creation enable a compromised agent to pivot across services, while notyet exploits the four‑second global propagation delay of key deactivation to mint new credentials. The most reliable containment now lies in Service Control Policies (SCPs) at the organization level. Coupled with the flurry of Amazon Linux 2023 CVE patches, these incidents reinforce the need for layered defenses: strict least‑privilege IAM, rapid revocation mechanisms, and regular OS patching to safeguard cloud workloads.
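As an added illustration of the organization-level containment the analysis recommends (not a policy from the digest or from AWS), the following Service Control Policy denies creation of new IAM principals and credentials, and attachment of new permissions, from every principal in the member account except one approved deployer role. The role name `IAM-Deployer-PLACEHOLDER` is a placeholder to be replaced with the organization's own pipeline role; the second statement keeps that role itself from being modified by anyone else.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyPrincipalAndCredentialCreationOutsideDeployer",
      "Effect": "Deny",
      "Action": [
        "iam:CreateUser",
        "iam:CreateRole",
        "iam:CreateAccessKey",
        "iam:CreateLoginProfile",
        "iam:CreateServiceLinkedRole",
        "iam:UpdateAssumeRolePolicy",
        "iam:AttachRolePolicy",
        "iam:AttachUserPolicy",
        "iam:PutRolePolicy",
        "iam:PutUserPolicy"
      ],
      "Resource": "*",
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": "arn:aws:iam::*:role/IAM-Deployer-PLACEHOLDER"
        }
      }
    },
    {
      "Sid": "ProtectDeployerRoleFromTampering",
      "Effect": "Deny",
      "Action": [
        "iam:DeleteRole",
        "iam:DeleteRolePolicy",
        "iam:DetachRolePolicy",
        "iam:PutRolePolicy",
        "iam:AttachRolePolicy",
        "iam:UpdateRole",
        "iam:UpdateAssumeRolePolicy"
      ],
      "Resource": "arn:aws:iam::*:role/IAM-Deployer-PLACEHOLDER",
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": "arn:aws:iam::*:role/IAM-Deployer-PLACEHOLDER"
        }
      }
    }
  ]
}
```

Because the deny is evaluated by the organization rather than by the member account's own IAM policies, a compromised agent or a freshly minted key inside the account cannot create another identity or key even during the propagation window. SCPs do not apply to the management account, and the approved deployer role is the one place where the multi-person approval called for above should be enforced.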
