EC2

Hackers Exploit Cloud Native Vulnerabilities to Access AWS EC2 Metadata

Cloud Cybercrime News Vendors

April 10, 2025

Cyber criminals have initiated a campaign aimed at stealing sensitive information from AWS EC2 Instance Metadata by exploiting vulnerabilities known as server-side request forgery (SSRF). Findings from F5 Labs highlight the urgency of migrating to improved security protocols to defend against such attacks.
Amazon Patches Critical Vulnerability in EC2 SSM Agent

Cloud News Vulnerabilities

April 8, 2025

Amazon has addressed a critical vulnerability in its EC2 Simple Systems Manager (SSM) Agent that posed significant risks of privilege escalation and code execution, with the flaw traced back to improper validation of plugin IDs.