The Hacker News17h
New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image ( AMI) with a specific name to gain code execution ...
Critical PostgreSQL bug tied to zero-day attack on US Treasury
The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...
whoAMI attacks give hackers code execution on Amazon EC2 instances
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name.
Ivanti: Critical code smuggling vulnerabilities in VPN and CSA
There are critical security leaks in Ivanti's VPN software ICS, IPS and ISAC as well as in Ivanti CSA. Attackers can plant ...
SecurityWeek3d
Adobe Plugs 45 Software Security Holes, Warns of Code Execution Risks
Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.