Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Amazon

20 articles

Fortinet Blog Data Breach Amazon Jun 26

From CI/CD to Cloud Data: How Shai Hulud Persistence Leads to Redshift Breach

See how Shai Hulud-linked CI/CD compromise exposed Jenkins credentials, enabled AWS escalation, and led to Redshift breach activity detected by FortiCNAPP

Fortinet Blog →

Help Net Security CVE Amazon Jun 26

Synology issues critical fix for MailPlus Server vulnerabilities

Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices.

2 IOCs

Help Net Security →

Security Affairs CVE Amazon Cisco Jun 26

U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

U.S.

1 IOC

Security Affairs →

GBHackers CVE Amazon Cisco Jun 26

CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog

The U.S.

1 IOC

GBHackers →

SecurityWeek General Amazon Jun 26

Philip Martin Joins Uber as Chief Information Security Officer

Martin brings experience from Coinbase, Palantir, Amazon, and the U.S.

SecurityWeek →

SC Media Vulnerability Disclosure Amazon Jun 25

Did AI kill vulnerability management—or just expose its flaws?

The industry just has to face that vulnerability management has been broken for years.

SC Media →

GBHackers Malware Amazon Jun 25

Shai-Hulud Hades Payload Hits 20 Leo/RStreams npm Packages in Fresh Supply Chain Attack

A fresh supply-chain wave by the Shai-Hulud/Hades family that infected 20 npm packages in the Leo/RStreams ecosystem, an AWS-native event streaming SDK widel...

T1195

GBHackers →

GBHackers Campaigns Amazon Cloudflare Jun 25

Hackers Abuse Cloudflare-Hosted AWS Phishing Domains to Steal Console Logins

A concise but sophisticated phishing campaign that targeted AWS console users by abusing Cloudflare-hosted domains to deliver adversary-in-the-middle (AiTM) ...

T1566 T1078 T1557

GBHackers →

GBHackers General Amazon Jun 25

Agentic Red-Team Tools Flaws Let Hackers Steal API Keys, Escape Sandboxes, and Compromise Hosts

Agentic red-team tools designed for autonomous offensive security operations are themselves vulnerable, allowing attackers to steal API keys, weaponize the a...

GBHackers →

AWS Security Blog General Amazon Jun 24

Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPs

Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In.

AWS Security Blog →

BleepingComputer General Amazon Jun 24

CISA warns of max severity Ubiquiti flaws exploited in attacks

The U.S.

BleepingComputer →

SecurityWeek General Amazon Jun 24

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnera...

SecurityWeek →

Security Affairs General Amazon Jun 24

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog

U.S.

Security Affairs →

Help Net Security General Amazon Jun 24

Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads

The Agentic SOC market is loud. Dozens of vendors promise to take alert triage, investigation, and response off your analysts’ plates, but most claims have n...

Help Net Security →

GBHackers CVE Amazon Jun 24

CISA Adds Ubiquiti UniFi OS Flaws to KEV Catalog

The U.S.

3 IOCs

GBHackers →

Security Affairs General Amazon Jun 23

DifyTap: Four Bugs Put over 1 million AI Apps at Risk

Four flaws in Dify exposed cross-tenant data, documents and AI conversations. Two critical bugs enabled unauthenticated access and data theft.

T1041

Security Affairs →

SecurityWeek General Amazon Jun 23

Data Exposure Flaws Threaten Dify AI Platform Powering Over 1 Million Apps

Attackers could abuse Dify's multi-tenant cloud service to read private chats, preview other tenants' documents, and reach internal APIs. The post Data Expos...

SecurityWeek →

Infosecurity Magazine General Amazon Jun 23

OpenAI Expands Daybreak to Help Defenders Patch Flaws

OpenAI expanded Daybreak with a full GPT-5.

Infosecurity Magazine →

GBHackers General Amazon Jun 23

DifyTap Flaws Expose AI Data Across Tenants on Platform Powering 1M+ Apps

A series of critical vulnerabilities in the widely used open-source LLMOps platform Dify, which powers over one million AI applications. These vulnerabilitie...

GBHackers →

GBHackers General Amazon Check Point Jun 23

AWS Urges Organizations to Turn Outbound Blind Spots Into Monitored Checkpoints

When securing an Amazon Web Services (AWS) estate, teams naturally concentrate on inbound protections firewalls, WAFs, and IAM policies because those defense...

T1598

GBHackers →

«Previous page 1 ... 3 4 5 6 7 ... 17 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA