AWS VDP: Non-Production API Endpoints for the Glue Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The AWS Glue service was found to have 12 non-production API endpoints that could be accessed using standard IAM credentials without generating any CloudTrail logs. This allowed for silent permission enumeration, where an adversary could determine the permissions of compromised credentials withou...

MAL-2025-2940 Malicious code in aws-glue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96424ced6ac0c4b9f671c5f7f03b4b99f7354e1eb2c48aba76f405f078a62ec6 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...

MAL-2025-2935 Malicious code in amzn-aws-glue-ml-libs-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e5986d73558862130dbb1317c6a92532786ec34f23d4d88c8fd6273198c5ce45 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...

MAL-2025-2936 Malicious code in amzn-awsglue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d53712580b3109807a0911c66dab7e45fa9f2968c76e2f31b5f0a23d23b03373 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...

Malicious code in amzn-awsglue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d53712580b3109807a0911c66dab7e45fa9f2968c76e2f31b5f0a23d23b03373 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...

Malicious code in aws-glue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96424ced6ac0c4b9f671c5f7f03b4b99f7354e1eb2c48aba76f405f078a62ec6 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...

Amazon AWS aws-glue-with-s2s-vpn Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon AWS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of AWS Glue. When installed from the official GitHub repository, the...

Amazon AWS Glue Database Password Disclosure

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Database Passwords in Server Response product: Amazon AWS Glue vulnerable version: until 2024-02-23 fixed version: as of 2024-02-23 CVE number: - impact: medium homepage:...

Microsoft Azure 'AutoWarp' Bug Could Have Let Attackers Access Customers' Accounts

Details have been disclosed about a now-addressed critical vulnerability in Microsoft's Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control. "This attack could mean full control over resources and data belonging to the...

Serverless ETLs? Easy Data Lake Transformations using AWS Athena

In a data lake raw data is added with little or no processing, allowing you to query it straight away. This gives you a great way to learn about your data - whether it represents a quick win or a fast fall. However, there are two disadvantages: performance and costs. If, for example you added CSV...