Security Boulevard

AWS Bedrock Agent Permissions: What You Need to Lock Down Before Go-Live

Most Bedrock agents in production are running on the same IAM role they were built with. That role is now a standing identity with access to whatever services got attached during testing, invoking ...
Virtualization Review

Creating an IAM Role for the AWS Fault Injection Simulator

Brien walks through the process of creating an IAM role for the AWS Fault Injection Simulator in order to find out what happens when an EC2 spot instance is interrupted. I recently wrote a blog post ...
InfoQ

AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSOonline

ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access. At Black Hat USA 2025, ...
Morning Overview on MSN

TeamPCP compromised the CI/CD pipelines behind Trivy, Checkmarx, and LiteLLM — stealing AWS keys from build servers worldwide

Sometime on March 19, 2026, a poisoned version of the open-source security scanner Trivy slipped into automated build ...