Amazon EC2 instances under fire from whoAMI attacks potentially giving hackers code execution access
A flaw named WhoAMI was found in Amazon Machine Image It allows threat actors to gain RCE abilities on people’s…
Tag: whoAMI
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Feb 14, 2025Ravie LakshmananVulnerability / DevOps Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that…
whoAMI name confusion attacks can expose AWS accounts to malicious code execution
If the “owners” attribute is omitted when searching for an AMI, the researchers noted, AWS may return results that include…
whoAMI attacks give hackers code execution on Amazon EC2 instances
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an…