Aws
AI at the Wheel: An LLM Agent Ran a Full Cloud Intrusion in Under an Hour
Sysdig's Threat Research Team documented one of the first in-the-wild intrusions where a large language model agent — not a human — drove the entire post-exploitation chain, pivoting from a marimo RCE to a full PostgreSQL dump in four hops.
LMDeploy CVE-2026-33626: SSRF in LLM Inference Server Exploited 12 Hours After Disclosure, Honeypot Sees AWS IMDS Theft
A 7.5-severity SSRF in Shanghai AI Lab's LMDeploy LLM serving toolkit was hit in the wild within 12h31m of the GitHub advisory. Sysdig's honeypot caught an attacker using the vision-language image loader to scrape AWS instance metadata, then pivot to internal Redis and MySQL.
Three High-Severity Command Injection Flaws in AWS Research and Engineering Studio Give Authenticated Users Root RCE
AWS patches three CVSS 8.8 command injection and privilege escalation bugs in Research and Engineering Studio (RES) — any authenticated user could get root on virtual desktop hosts or the cluster manager.
European Commission Confirms Cloud Breach — Trivy Supply Chain Attack Cascades Into 30+ EU Entities
The European Commission confirms a data breach affecting 30+ EU entities after the compromised Trivy scanner leaked AWS API keys to TeamPCP. ShinyHunters published 92 GB of stolen data.