AWS Security Digest #262 - Not Private
The May 25 AWS Security Digest warns that a CISA contractor accidentally exposed high‑privilege GovCloud keys in a public GitHub repo, and that the keys remained active for 48 hours after discovery. A new wave of supply‑chain attacks, the TeamPCP npm worm, infected Alibaba’s @antv data‑viz suite and harvested AWS credentials via IMDS, ECS metadata and Secrets Manager. The issue also highlights fresh AWS security tooling (Security Agent, Security Hub updates, ExtendDB, and MWAA 3.2) while spotlighting Pathfinding Labs’ 100+ vulnerable AWS environments and Anthropic’s Claude Platform on AWS with strict IAM controls. Finally, an unpatchable Kubernetes vulnerability (CVE‑2021‑25740) threatens multi‑tenant EKS clusters by allowing cross‑namespace traffic hijacking.
AWS Security Digest #260 -
AWS released security bulletin 2026‑026 and five AL2023 live‑patches to address the Copy Fail kernel vulnerability (CVE‑2026‑31431), which can grant root on Linux instances from the past eight years. Live‑patches provide an immediate mitigation for customers who cannot reboot, while full kernel...
AWS Security Digest #258 - Vercel of Secrets
Vercel disclosed a security incident on April 19, 2026 after an attacker leveraged a compromised third‑party AI productivity tool, Context.ai, to hijack an employee’s Google Workspace account and pivot into Vercel. The breach allowed the threat actor to enumerate and...
AWS Security Digest #256 - TY Mythos
AWS inadvertently pushed a test IAM managed policy into production, a slip caught by IAM Trail. The incident coincides with the first Mythos‑reported vulnerability appearing in AWS security bulletin 2026‑015, highlighting AI‑driven code‑scanning efforts under Project Glasswing. Research disclosed critical flaws in...
AWS Security Digest #250 - Objects
AWS’s me‑central‑1 availability zone suffered a fire caused by stray objects, knocking EC2 APIs offline for several hours. The digest also highlights a wave of new AWS security features, including EventBridge notifications for Network Firewall, persistent RAM share handling, an...
AWS Security Digest #248 - MCPs Denied
AWS introduced new IAM condition keys that specifically target requests routed through Managed Control Plane (MCP) servers, allowing administrators to deny actions taken via that path. The feature is designed to mitigate risks posed by AI agents that programmatically call...