13 Weekly Digests

    Weekly AWS Security News

    CVEs, service updates, breach analysis, and threat intelligence. Your curated weekly digest for cloud security professionals.

    By Toc Consulting - AWS Security & Cloud Architecture

    W13 - Mar 23-30, 2026
    2 critical, 2 medium, 1 info

    Week 13 - Mar 23-30, 2026

    European Commission AWS account breached with 350+ GB stolen, LiteLLM supply chain compromise targets AWS IMDS credentials, RSAC 2026 showcases Security Hub multicloud vision, and new Route 53 granular IAM permissions launch.

    European Commission, Breach, LiteLLM, Supply Chain
    5 items
    W12 - Mar 16-22, 2026
    2 critical, 5 high, 3 medium

    Week 12 - Mar 16-22, 2026

    Four AWS Security Bulletins published in a single week, Route 53 Global Resolver reaches GA with DNS filtering, Trivy supply chain compromise hits CI/CD pipelines, and Amazon threat intel exposes Interlock ransomware exploiting a Cisco FMC zero-day 36 days before disclosure.

    Trivy, Supply Chain, Route 53, ACM
    10 items
    W11 - Mar 10-15, 2026
    1 critical, 1 high, 2 medium, 1 info

    Week 11 - Mar 10-15, 2026

    Security Hub announces multicloud expansion, European Sovereign Cloud achieves SOC 2 and C5 compliance, IAM Roles Anywhere gets post-quantum ML-DSA support, and Inspector Classic end-of-life announced for May 2026.

    Security Hub, Multicloud, Sovereign Cloud, Post-Quantum
    5 items
    W10 - Mar 3-9, 2026
    1 high, 1 medium, 2 info

    Week 10 - Mar 3-9, 2026

    Amazon Bedrock AgentCore Policy GA uses Cedar for natural-language agent controls. AWS simplifies IAM role creation with inline panels. DESC 2026 certification audit completed for Middle East (UAE).

    Bedrock, AgentCore, Cedar, IAM
    4 items
    W09 - Feb 24 - Mar 2, 2026
    1 critical, 3 high, 3 medium, 2 info

    Week 9 - Feb 24 - Mar 2, 2026

    The biggest week of the quarter. Security Hub Extended Plan GA with 14+ partners, LexisNexis AWS breach exposes 2 GB of data, three AWS-LC cryptographic library CVEs, and VPC Encryption Controls move to paid pricing.

    Security Hub, LexisNexis, Breach, AWS-LC
    9 items
    W08 - Feb 17-23, 2026
    1 critical, 2 info

    Week 8 - Feb 17-23, 2026

    Amazon publishes threat intelligence on an AI-augmented campaign that compromised 600+ FortiGate devices across 55 countries. New agent plugins for AWS development tools. Kiro IDE expands to GovCloud.

    FortiGate, GenAI, Threat Intelligence, GovCloud
    3 items
    W07 - Feb 10-16, 2026
    1 high, 1 info

    Week 7 - Feb 10-16, 2026

    Amazon Aurora enables encryption at rest by default for all new clusters. AWS Backup adds PrivateLink for SAP HANA workloads. Elastic Beanstalk ships Windows Server security patches.

    Aurora, Encryption, Backup, SAP HANA
    2 items
    W06 - Feb 3-9, 2026
    1 medium, 2 info

    Week 6 - Feb 3-9, 2026

    Security Groups get a "Related Resources" tab showing all dependent resources, Security Agent adds shared VPC penetration testing, and Claude Opus 4.6 arrives in Amazon Bedrock.

    Security Groups, VPC, Security Agent, Bedrock
    3 items
    W05 - Jan 27 - Feb 2, 2026
    1 high, 1 info

    Week 5 - Jan 27 - Feb 2, 2026

    STS OIDC federation enhancements go live, SageMaker adds PrivateLink, and Amazon Threat Intelligence begins tracking an AI-augmented campaign compromising FortiGate devices at scale.

    FortiGate, GenAI, Threat Intelligence, SageMaker
    2 items
    W04 - Jan 20-26, 2026
    1 high, 3 medium

    Week 4 - Jan 20-26, 2026

    Security Agent adds GitHub Enterprise support, Network Firewall gets GenAI traffic filtering, S3 lets you change encryption type without re-uploading, and STS validates OIDC identity provider claims.

    Network Firewall, GenAI, S3, STS
    4 items
    W03 - Jan 13-19, 2026
    1 critical, 1 medium

    Week 3 - Jan 13-19, 2026

    AWS European Sovereign Cloud launches with initial services - a physically and logically separate cloud operated exclusively by EU residents under German law. The Sovereign Reference Framework establishes the governance model.

    Sovereign Cloud, EU, GDPR, Data Residency
    2 items
    W02 - Jan 6-12, 2026
    1 high, 1 medium, 2 info

    Week 2 - Jan 6-12, 2026

    High-severity command injection CVE in Kiro IDE (CVSS 8.4), AWS Client VPN gets simplified onboarding, and AWS is named ISG Leader for Sovereign Cloud for the third consecutive year.

    Kiro, CVE, Client VPN, Sovereign Cloud
    4 items
    W01 - Jan 1-5, 2026
    1 high, 2 medium, 2 info

    Week 1 - Jan 1-5, 2026

    AWS announces S3 SSE-C encryption will be disabled by default starting April 2026, closing a known ransomware vector. Security Hub and Security Agent updates from re:Invent 2025 continue rolling out.

    S3, SSE-C, Security Hub, Control Tower
    5 items

    Stay Ahead of AWS Security Changes

    We publish a new digest every week covering the most impactful AWS security announcements, CVEs, and threat intelligence. Bookmark this page or contact us for custom briefings.
