News

CSO Online2d
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM ...
The Hacker News3d
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
While this approach ensures that each task gets credentials for its IAM role and they are delivered at runtime, a leak of the ...
CSO Online4d
Researchers uncover RCE attack chains in popular enterprise credential vaults
Open-source credential management systems HashiCorp Vault and CyberArk Conjur had flaws enabled remote code execution among ...