Dark Reading

Session Takeover Bug in AWS Apache Airflow Reveals Larger Cloud Risk

A vulnerability in Amazon Web Services' (AWS) Managed Workflows for Apache Airflow (MWAA) could have allowed hackers to access users' sessions, perform remote code execution (RCE), move laterally ...
ZDNet

Misconfigured, old Airflow instances leak Slack, AWS credentials

On Monday, Intezer malware analyst Nicole Fishbein and cybersecurity researcher Ryan Robinson said the instances, vulnerable to data theft, belong to industries including IT, cybersecurity, health, ...
TechRadar

AWS patches worrying security flaw that could have led to AWS Apache Airflow hijacking

Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) carried a flaw which allowed threat actors to hijack people’s sessions and execute malicious code on underlying instances, ...