whoAMI attacks give hackers code execution on Amazon EC2 instances

whoAMI Attack Exploiting AWS EC2 Instances

thecyberthrone.in - 18/Feb 01:26

The “whoAMI” attack is a sophisticated name confusion attack that targets Amazon Web Services (AWS) accounts, particularly those using EC2...

whoAMI attack could allow remote code execution within AWS account

securityaffairs.co - 17/Feb 09:05

Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. Cybersecurity...

Hackers Exploited 3,000+ ASP.NET Keys To Execute Code on IIS Server Remotely

itsecuritynews.info - 07/Feb 07:32

A recent security incident has revealed that over 3,000 publicly disclosed ASP.NET machine keys were exploited by hackers to execute remote code on...

Critical Ivanti CSA Vulnerability Allows Attackers Remote Code Execution to Gain Restricted Access

itsecuritynews.info - 12/Feb 06:11

A critical vulnerability has been discovered in the Ivanti Cloud Services Application (CSA), potentially allowing attackers to execute remote code and...

Unpatched Marvel Game RCE Exploit Could Let Hackers Take Over PCs & PS5s

itsecuritynews.info - 10/Feb 04:02

A critical security vulnerability has been discovered in the popular online game Marvel Rivals, raising alarms about the potential for hackers to...

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

securityaffairs.co - 19/Feb 12:10

Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat...

PostgreSQL Terminal Tool Injection Vulnerability Allows Remote Code Execution

itsecuritynews.info - 14/Feb 08:32

Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql. ...

Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

securityaffairs.co - 14/Feb 09:23

Threat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7. Rapid7...

Attackers used a public ASP.NET machine to conduct ViewState code injection attacks

securityaffairs.co - 07/Feb 09:31

Microsoft researchers warn that threat actors are delivering the Godzilla framework using a static ASP.NET machine. In December 2024, Microsoft Threat...

Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks

itsecuritynews.info - 14:32

Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera...

Rubriques :