AWS Cloud Development Kit flaw exposed accounts to full takeover
October 24, 2024 at 06:42PM Amazon Web Services resolved a critical vulnerability in its Cloud Development Kit (CDK), which allowed potential account hijacking through predictable S3 bucket names. Discovered by Aqua, the flaw affected about 1% of users. AWS has implemented changes in version v2.149.0 to enhance security, requiring user action for older versions. **Meeting … Read more