LinkzineJun 18

AI-generated patches slow Linux ARM64; AWS bets big on agentic everything

AI-generated patches are backing up Will Deacon's ARM64 review queue, AWS is shipping agents that act before asking permission, and the LeadDev piece quietly explains why your deployment metrics no longer mean what you think they mean.

https://linkzine.com/2026/06/18/ai-generated-patches-slow-linux-arm64-aws-bets-big-on-agentic-everything/

OffSequenceJun 17
🚨 CRITICAL: CVE-2026-12530 impacts AWS Bedrock AgentCore Python SDK (v1.1.3 – 1.6.1). Incomplete input sanitization in install_packages() lets attackers abuse pip flags. Update now! https://radar.offseq.com/threat/cve-2026-12530-improper-neutralization-of-argument-917f42dfcc3cfd56 #OffSeq #AWSSecurity #Python #CVE2026_12530
N-gated Hacker NewsMay 26
🥳🎉 Congratulations, digital locksmith! You've managed to trick AWS with a trailing slash, earning a whopping $12,000 for adding punctuation like a grammar vigilante. 🧐 Apparently, security now hangs by a thread, or rather, a single character—truly groundbreaking stuff in the world of #fintech babysitting. 🔓💰
https://theguptalog.blogspot.com/2026/04/i-bypassed-aws-api-gateway-auth-with.html #digitallocksmith #AWSsecurity #cybersecurity #punctuationhack #HackerNews #ngated
I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty.

(See original article:  I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty. ) I was poking at a fintech’s mobile API an...

Cybersecurity Threat SurfaceMay 6

🔴 NEW: 1 Leaked AWS Key = Full Cloud Takeover (Here's How)

One leaked AWS key can cost you $47,000 overnight. Learn how attackers find your credentials in seconds, escalate privileges silently, and how to stop them. Real incidents. Real fixes. Act now.

0:00

https://www.youtube.com/watch?v=UQwVZNNQvvs

#AWSSecurity #CloudSecurity #IAMBestPractices #DevSecOps #Cybersecurity2024 #AWSaccesskeysecurity #cloudcredentialleak #IAMprivilegeescalation

1 Leaked AWS Key = Full Cloud Takeover (Here's How)

YouTube
Crucial ExamsFeb 26
Now on Crucial Exams: AWS Certified Security Specialty (SCS-C03) - 250 practice questions and 220 flashcards to help you pass. Start studying: https://crucialexams.com/s/hjqNttCN #AWSSecurity
theOmegabitDec 19, 2025

Some new monitor ideas for detections #awssecurity

https://medium.com/@adan.alvarez/phishing-for-aws-credentials-via-the-new-aws-login-flow-39f6969b4eae

theOmegabitDec 18, 2025

Ok this is pretty cool.

#awssecurity #aws https://securitylabs.datadoghq.com/articles/introducing-pathfinding.cloud/

Introducing Pathfinding.cloud | Datadog Security Labs

Introducing Pathfinding.cloud, a library of AWS IAM privilege escalation paths

theOmegabitDec 15, 2025

Behind the curtain - AWS Lambda Managed Instances: A Security Overview #awssecurity #cloudsecurity

https://www.offensai.com/blog/aws-lambda-managed-instances-security-overview

AWS Lambda Managed Instances: A Security Overview

An initial security overview of AWS Lambda Managed Instances, exploring the Bottlerocket-based architecture, the 'Elevator' components, and security insights for this new compute model.

OFFENSAI
theOmegabitDec 2, 2025

Nice

Extended threat detection for EC2 and ECS

https://aws.amazon.com/blogs/aws/amazon-guardduty-adds-extended-threat-detection-for-amazon-ec2-and-amazon-ecs/

AWS real-time risk prioritization (was preview now GA)

https://aws.amazon.com/blogs/aws/aws-security-hub-now-generally-available-with-near-real-time-analytics-and-risk-prioritization/

AWS Security Agent (for appsec/dev)

https://aws.amazon.com/blogs/aws/new-aws-security-agent-secures-applications-proactively-from-design-to-deployment-preview/

#awssecurity #aws #AWSreInvent

Amazon GuardDuty adds Extended Threat Detection for Amazon EC2 and Amazon ECS | Amazon Web Services

Today, we’re announcing new enhancements to Amazon GuardDuty Extended Threat Detection with the addition of two attack sequence findings for Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Container Service (Amazon ECS) tasks. These new findings build on the existing Extended Threat Detection capabilities, which already combine sequences involving AWS Identity and Access […]

Amazon Web Services
エミリーSEレクトNov 3, 2025

AWS DevSecOps Training || Learn End-to-End CICD + Security Automation

https://www.emilyselect.com/aws-devsecops-training-learn-end-to-end-cicd-security-automation/?feed_id=2716&_unique_id=6908271f30dc4&Mastodon

#awscicdproject #awsdevsecopsproject #awssecurity #awstraining #cicdpipelinewithdevsecops #devopsandsecurity #devopsautomation #devopstraining #devsecopscertification #devsecopscicdpipeline #devsecopsengineer #devsecopsexplained #devsecopssecurityscan #devsecopstraining #devsecopstra...