Release Date: 17/08/2025 | Issue: 301
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor
When AI agents act like humans, they need to identify like humans
As LLMs and agents act on behalf of users through MCP-based systems, the security paradigm is shifting toward treating AI agents like human users, requiring the same principles of least privilege, credential management, and behavioral visibility that teams have long applied to protect against insider threats. Learn more about extending infrastructure identity governance to AI systems and turning MCP deployments into controlled, auditable, and compliant AI infrastructure components below.
This deep-dive explores Amazon ECS on EC2's internals, focusing on the ECS agent's role, IAM credential delivery mechanisms, and task isolation boundaries between containers sharing the same host.
#aws #containers #explain
This article details "ECScape," a technique allowing malicious containers in Amazon ECS to steal IAM credentials from other tasks on shared EC2 hosts by impersonating the ECS agent's control plane connection.
#attack #aws #containers
The flaws allow attackers to bypass lockouts, evade policy checks, impersonate users, escalate privileges to root level, and execute remote code, leading to full system takeover.
#attack #vault
The Praetoran Labs team researched initial access vectors for red team engagements, focusing on malicious applications distributed through platforms like the Microsoft Store, including OAuth applications and malicious Outlook extensions.
#attack #azure
The guest data of AWS customers running on the AWS Nitro System and Nitro Hypervisor is not at risk from a new attack dubbed L1TF Reloaded. No additional action is required by AWS customers.