Bleeping Computer

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management ...
Dark Reading

Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data

Researchers have exploited a vulnerability in Microsoft's Copilot Studio tool allowing them to make external HTTP requests that can access sensitive information regarding internal services within a ...