AWS Exploited by A New “whoAMI” Attack
AWS Exploited by A New “whoAMI” Attack In February 2025, cybersecurity researchers found out attack vector termed “whoAMI” which exploits misconfigurations in the retrieval of Amazon Machine Images (AMIs) within Amazon Web Services (AWS) environments. This attack leverages a name confusion vulnerability Enabling malicious actors to gain unauthorized code execution privileges within targeted AWS accounts. […]