HotHardware

Severe Amazon ECR Public Gallery Flaw Could Have Facilitated Massive Supply Chain Attack

A researcher at the cloud security company Lightspin recently discovered a flaw in the Amazon Web Services (AWS) Elastic Container Registry (ECR) Public Gallery that threat actors could have exploited ...
InfoQ

AWS Launches Lambda SnapStart for Python and .NET Functions

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Ramya Krishnamoorthy shares a detailed case ...
Bleeping Computer

Malicious PyPI package with 37,000 downloads steals AWS keys

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...
Bleeping Computer

Amazon ECR Public Gallery flaw could have wiped or poisoned any image

A severe security flaw in the Amazon ECR (Elastic Container Registry) Public Gallery could have allowed attackers to delete any container image or inject malicious code into the images of other AWS ...
ZDNet

Tech jobs: Python programming language and AWS skills demand has exploded

The most sought-after tech skills in the US jobs market are SQL and Java, according to an analysis of skills listed in job postings over the past five years. But one of the most striking changes in ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.