AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

Blog

Byadmblake March 17, 2026

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter’s sandbox mode permits outbound DNS queries that an attacker can exploit to enable interactive shells

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries.
In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter’s sandbox mode permits outbound DNS queries that an attacker can exploit to enable interactive shells

Blog

Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches

It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine credential abuse. According to the 2025 DBIR, third-party involvement…

Read More Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches
Blog

Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats

The continent faces “relentless” military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director.

Read More Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats
Blog

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident loader called Catena. “Catena uses embedded shellcode and configuration switching logic to…

Read More Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware
Blog

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.

Read More Attackers Abuse Python, Cloudflare to Deliver AsyncRAT
Blog

FTC Orders GoDaddy to Fix Inadequate Security Practices

The FTC claims that the Web hosting company’s security failures led to several major breaches in the past few years.

Read More FTC Orders GoDaddy to Fix Inadequate Security Practices
Blog

AWS Enhances Cloud Security With Better Visibility Features

At this week’s re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.

Read More AWS Enhances Cloud Security With Better Visibility Features

Related