CSOonline

ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access. At Black Hat USA 2025, ...
Virtualization Review

Making the Case for Static Container Images in AWS ECS

One of the big reasons why Amazon recommends that you do not dynamically update a container is because doing so can adversely impact your workload's ability to scale to accommodate demand spikes.