Preventing anonymous privilege escalation via misconfigured OIDC roles: defensive strategies and AWS's improvements| Hack to Def
Discover how to identify and exploit misconfigured AWS IAM roles using GitLab OIDC, with a detailed, step-by-step guide.| Hacking The Cloud
The Sysdig Threat Research Team found new attack that targets large language model (LLM) services, known as LLMjacking.| Sysdig
Public disclosure of a vulnerability in AWS Amplify which exposed IAM roles associated with Amplify projects to be assumed by anyone in the world.| securitylabs.datadoghq.com
On March 25, AWS released a new feature that helps enforcing IMDSv2 at the region level by default for newly-launched instances.| Christophe Tafani-Dereeper
Common misconfigurations of resource-based policies and how they can be abused.| hackingthe.cloud
How to abuse AWS Organizations' default behavior and lateral movement capabilities.| hackingthe.cloud
How to work with stolen IAM credentials and things to consider.| hackingthe.cloud
Old faithful; How to steal IAM Role credentials from the EC2 Metadata service via SSRF.| hackingthe.cloud
