Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Threat actors wielding stolen AWS Identity and Access Management (IAM) credentials leverage Amazon EC and EC2 infrastructure ...
CSOonline

ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access. At Black Hat USA 2025, ...