The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
InfoQ

AWS Launches Amazon S3 Dual-Layer Server-Side Encryption with Keys Stored in AWS KMS

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
SiliconANGLE

AWS IAM credentials at risk: EleKtra-Leak operation revealed by Unit 42

A new report from Palo Alto Networks Inc.’s Unit 42 warns of a new active campaign targeting exposed Amazon Web Services Inc. identity and access management credentials within public GitHub ...
Computer Weekly

Warning: AWS IAM behaves differently to directory services

Researchers from Israeli security firm Lightspin have identified an issue with configuring identity and access control services on Amazon Web Services (AWS) that could leave many organisations ...
Business Wire

YouAttest Unifies, Automates, and Simplifies Cloud IAM Audits for Hybrid AWS Enterprises

IRVINE, Calif.--(BUSINESS WIRE)--SYouAttest®, a leading provider of Identity Audit and Compliance tools, introduced a new solution that creates a “single source of truth” for security and risk ...
Infosecurity-magazine.com

A 10-Step Best Practice IAM Guide for Azure and AWS

Identity and access management (IAM) is the process of identifying and controlling the access granted to users, devices and services. It is one of the oldest concepts in security, tracing back to the ...