Rhino Security Labs identified two username enumeration vulnerabilities in the AWS Web Console affecting IAM users. One, CVE-2025-0693, was patched by AWS, while the other is accepted as a risk. The vulnerabilities allow attackers to confirm valid usernames via different error messages for MFA users and timing differences for non-MFA users. Organizations are urged to enable MFA and monitor CloudTrail logs for unusual activity.
Hackers Allegedly Claiming Breach OmniGPT, 30,000+ User Accounts Exposed
OmniGPT, an AI chatbot platform, has reportedly been breached, exposing sensitive data for over 30,000 users, including email addresses, phone numbers, API keys, and 34
