Amazon AWS
-
Microsoft Warns of WhatsApp Campaign Delivering Malicious VBS Files
Microsoft says a campaign that began in late February 2026 has used WhatsApp messages to spread malicious VBS files, then used renamed Windows tools and cloud services to help install persistent access on infected systems.
-
European Commission says attackers breached public web infrastructure
The European Commission said attackers broke into cloud systems hosting its Europa websites on March 24 and may have taken data. The sites stayed online, but officials gave few details about what was exposed.
-
Drone strikes damage AWS data centers in UAE and Bahrain
Drone strikes damaged three AWS facilities in the UAE and one in Bahrain, causing outages that affect dozens of cloud services. Structural, power and water damage were reported and recovery work is under way.
-
AWS Payment Cryptography passes PCI PIN audit with zero findings
AWS published an updated PCI PIN compliance package for AWS Payment Cryptography. A PCI PIN Attestation of Compliance shows validation by a QSA with zero findings and a Responsibility Summary clarifies customer obligations.
-
UK data watchdog fines LastPass £1.2m after 2022 breach exposed data of up to 1.6m users
The UK Information Commissioner’s Office fined LastPass £1.2 million over a two-part 2022 breach that exposed personal data for up to 1.6 million UK users, finding failures in technical and organisational security including permissive account-linking policies and missed AWS alerts.
-
Cloudflare says emergency React2Shell patch caused brief network outage
Cloudflare said an emergency change to its Web Application Firewall to mitigate the critical React2Shell vulnerability briefly made its network unavailable, causing widespread 500 errors. The React flaw can allow unauthenticated remote code execution and researchers report active exploitation and circulating proof-of-concept exploits.
-
Researchers find thousands of credentials in JSONFormatter and CodeBeautify archives
Researchers at watchTowr Labs said they recovered over 80,000 files saved to JSONFormatter and CodeBeautify that contained thousands of credentials and sensitive records spanning government, finance, telecoms and other sectors; both sites have temporarily disabled the save feature.
-
Amazon opens invite-only bug bounty for NOVA models to outside researchers
Amazon has launched an invite-only bug bounty program for its NOVA family of language models, allowing select researchers to test and be paid for findings on issues such as prompt injection, jailbreaking and other vulnerabilities, with the company saying the effort will help secure models integrated across Amazon and customer systems.
-
Crimson Collective targets AWS cloud instances to steal data and extort firms
Researchers at Rapid7 said the Crimson Collective has been exploiting exposed AWS credentials to create privileged IAM users, export database and storage snapshots for exfiltration, and issue extortion demands; AWS recommended using short‑term, least‑privileged credentials and provided remediation guidance.
-
Security firm flags in-the-wild exploitation of Pandoc flaw CVE-2025-51591 to target AWS IMDS
Security researchers at Wiz have observed in-the-wild exploitation of CVE-2025-51591, a Pandoc flaw that enables SSRF against AWS EC2 IMDS, with attackers attempting to exfiltrate data via crafted iframes. The activity underscores the importance of IMDSv2 and least-privilege IAM roles to mitigate cloud credential exposure.
