The Hacker News

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.
GovInfoSecurity

Microsoft Patches Critical Entra ID Flaw

Microsoft is disclosing a vulnerability that allowed hackers to obtain admin access to virtually any cloud instance of ...
InfoQ

AWS Introduces Centralized Root Access Management for Organizations

AWS has introduced a new capability for AWS Organizations members, allowing administrators to centrally manage and restrict root-user access across multiple AWS accounts. This update enhances security ...
CSOonline

S3 shadow buckets leave AWS accounts open to compromise

Attackers can gain access to AWS accounts or sensitive data by creating in advance S3 storage buckets with predictable names that will be automatically used by various services and tools. Researchers ...
Computerworld

Hooking your apps into Amazon Web Services

Connecting your application into the Amazon Web Services (AWS) isn’t complicated, particularly if you’ve done Web service programming on other projects. Before you begin, you’ll need to obtain access ...
InfoQ

AWS Transfer Family Web Apps: Simplified S3 Data Access through the Browser

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...