CRN

Hackers Target AWS IMDS And EC2 To Steal Credentials: Wiz Report

‘We uncovered exploitation in the wild of a previously unknown zero-day vulnerability in a popular web service stemming from insecure use of Pandoc,’ said Wiz researchers in a new report.
Bleeping Computer

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management ...