iam — Weekly digest (2026-06-08)
Window: last 7 day(s) · items in window: 117 · top shown: 25
RSS
- Overly Permissive Trust Policy in Harmonix on AWS EKS —
rss:aws-security-bulletins· 2026-06-05 · score 4.15 - Customize federated sign-in with new Amazon Cognito Lambda trigger —
rss:aws-security-blog· 2026-06-04 · score 3.52 - Simplified permissions for Amazon S3 Tables and Iceberg materialized views are now available in AWS GovCloud (US) Regions —
rss:aws-whats-new· 2026-06-05 · score 3.16 - The AWS MCP Server now supports cross-account and cross-role access —
rss:aws-whats-new· 2026-06-05 · score 3.09 - Amazon Cognito now supports multi-Region replication —
rss:aws-whats-new· 2026-06-04 · score 3.02 - Issue with AWS Ops Wheel (CVE-2026-6911 and CVE-2026-6912 —
rss:aws-security-bulletins· 2026-06-05 · score 2.90 - CVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python —
rss:aws-security-bulletins· 2026-06-05 · score 2.90 - Issues with AWS Research and Engineering Studio (RES) —
rss:aws-security-bulletins· 2026-06-05 · score 2.90 - Amazon Q Developer and Kiro – Prompt Injection Issues in Kiro and Q IDE plugins —
rss:aws-security-bulletins· 2026-06-05 · score 2.90 - Amazon SageMaker adds permissions boundaries for SCP compliance —
rss:aws-whats-new· 2026-06-01 · score 2.73 - Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified Permissions —
rss:aws-security-blog· 2026-06-05 · score 2.64 - Amazon Cognito unlocks advanced capabilities with next-generation infrastructure —
rss:aws-security-blog· 2026-06-04 · score 2.54 - Amazon Bedrock AgentCore Runtime introduces interactive shells for terminal access into agent sessions —
rss:aws-whats-new· 2026-06-05 · score 2.41 - AWS IoT Device Management adds MQTT session data to connectivity status API —
rss:aws-whats-new· 2026-06-03 · score 2.19 - Amazon SageMaker Studio now sets up in seconds with model customization ready from the start —
rss:aws-whats-new· 2026-06-02 · score 2.07 - Amazon OpenSearch UI is now available in GovCloud regions —
rss:aws-whats-new· 2026-06-05 · score 1.65 - CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-10591 - Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-9291 - Insecure Deserialization in Amazon Braket SDK Job Results Processing —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-9255 - Tool Execution Without Authorization via Piped Stdin in Kiro CLI —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-9133 - Arbitrary file read in rabbitmq-aws plugin —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-8838 - Remote Code Execution in amazon-redshift-python-driver —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - CVE-2026-8686 - Heap out-of-bounds read in coreMQTT MQTT5 property parsing —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - Issue with Amazon SageMaker Python SDK - Model artifact integrity verification issues (CVE-2026-8596 & CVE-2026-8597) —
rss:aws-security-bulletins· 2026-06-05 · score 1.65 - Ongoing updates on Copy.fail and variants —
rss:aws-security-bulletins· 2026-06-05 · score 1.65