The Hacker News

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.

Researchers uncover polished ShadowV2 DDoS-as-a-service cloud botnet

Cyber security researchers have uncovered a sophisticated distributed denial-of-service (DDoS) operation that they say blurs ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
SDxCentral

AWS removes storage bandwidth limits for EC2 instances

Amazon Web Services (AWS) eliminated the networking bandwidth burst duration limitations from storage optimized instances ...
CRN

Hackers Target AWS IMDS And EC2 To Steal Credentials: Wiz Report

AWS security vulnerability exploited by threat actors with hackers stealing credentials via AWS IMDS through EC2 instances, ...

Darktrace reveals ShadowV2 botnet exploiting Docker misconfigurations in AWS

The campaign detailed in the report, dubbed “ShadowV2,” is a Python-based command-and-control framework hosted on GitHub ...
Windows Central

Windows 10 end of life: Here's what you NEED to be doing before October 14 to remain secure

Microsoft will pull the plug on support for Windows 10 in just under three weeks time. If you don't take action, your PC will be at risk. Here's everything you need to know and what to do to stay ...