Amazon Cognito Multi-Region Replication | AWS

🟢 Low | Source: AWS What’s New Amazon Cognito now supports multi-Region replication, allowing user pool data — including credentials, configurations, and federation settings — to be synchronised to a standby Region in near real-time. This improves authentication resilience by enabling traffic failover during a regional outage without forcing users to re-authenticate. The feature is available as a paid add-on across most major AWS Regions. Architect’s Take: Review your existing Cognito-based authentication architectures for single-Region dependencies and assess whether the Essentials or Plus tier add-on cost is justified by your RTO/RPO requirements. Ensure your incident response runbooks are updated to include Cognito traffic redirection procedures, and validate that federated identity providers (SAML/OIDC) are accessible from the secondary Region before declaring it ready for failover. ...

4 June 2026 · ZX Cloud Security

AWS Cognito New Lambda Trigger for Federated Sign-In

🟢 Low | Source: AWS Security Blog AWS has introduced a new Lambda trigger for Amazon Cognito that allows developers to customise the federated sign-in process when users authenticate via external identity providers such as SAML, OIDC, or social logins. This enables teams to intercept and modify authentication flows at key points, such as attribute mapping or access decisions, without altering core Cognito configuration. The feature improves flexibility for organisations with complex identity federation requirements. ...

4 June 2026 · ZX Cloud Security

AWS IoT Device Management MQTT Session Data API

🟢 Low | Source: AWS What’s New AWS IoT Device Management has enhanced its connectivity status API to include detailed MQTT session data, such as session timeout and expiry values, plus optional socket-level details including IP addresses, ports, and VPC endpoint IDs. Unlike the IoT Core GetConnection API, which only retains data for 30 minutes post-disconnect, this API stores connection history indefinitely. This is useful for security auditing, forensic investigation of disconnect events, and monitoring connection patterns across large IoT fleets. ...

3 June 2026 · ZX Cloud Security

AWS IoT Device Management: MQTT Session Data in API

🟢 Low | Source: AWS What’s New AWS IoT Device Management has enhanced its connectivity status API to include detailed MQTT session data, such as session timeout and expiry values, plus optional socket-level details including IP addresses, ports, and VPC endpoint IDs. Unlike the AWS IoT Core GetConnection API, which only retains data for 30 minutes post-disconnect, this API stores connection history indefinitely, improving long-term auditability. Access to sensitive socket-level information is controlled via IAM policies, allowing organisations to limit visibility to authorised teams. ...

3 June 2026 · ZX Cloud Security

AWS Step Functions Adds AI Agent Steps via AgentCore

🟢 Low | Source: AWS What’s New AWS Step Functions now integrates with Amazon Bedrock AgentCore (currently in preview) to allow AI agent reasoning steps — such as document classification and data extraction — to be embedded directly into automated workflows. This enables multiple agents to run in parallel or sequence within a single workflow, with human approval gates and full audit trails via CloudWatch. For security teams, this introduces AI-driven decision-making into business-critical automation pipelines, expanding the attack surface and governance considerations. ...

3 June 2026 · ZX Cloud Security

AWS Step Functions Adds AI Agent Steps via AgentCore

🟢 Low | Source: AWS What’s New AWS Step Functions now integrates with Amazon Bedrock AgentCore (currently in preview) to allow AI agent reasoning steps within automated workflows. This enables teams to embed LLM-based tasks such as document classification and data extraction directly into orchestrated pipelines, with parallel execution and human approval gates. Audit trails are available via CloudWatch, capturing agent inputs, outputs, and token usage. Architect’s Take: Review IAM permissions granted to Step Functions execution roles that invoke AgentCore harnesses — ensure least-privilege policies are applied, particularly around model invocation and tool access. Treat human approval steps as a mandatory control for any agentic action with write or destructive scope, and validate that CloudWatch audit logging is enabled before promoting any AgentCore-integrated workflow to production. ...

3 June 2026 · ZX Cloud Security

OpenAI GPT-5.4 on AWS Bedrock GovCloud (US-West)

🟢 Low | Source: AWS What’s New OpenAI’s GPT-5.4 model is now generally available on Amazon Bedrock within AWS GovCloud (US-West), extending access to government and regulated-industry customers. The deployment leverages Bedrock’s isolated inference infrastructure, ensuring prompts and responses remain within the customer’s AWS environment and are not used for model training. This expands the options available for sensitive workloads requiring complex reasoning and document analysis under strict compliance controls. Architect’s Take: Evaluate data residency and access control policies before enabling GPT-5.4 for sensitive workloads — confirm that Bedrock resource policies, VPC endpoints, and CloudTrail logging are configured to meet your organisation’s compliance requirements, particularly if handling OFFICIAL-SENSITIVE or equivalent data in GovCloud. ...

3 June 2026 · ZX Cloud Security

AWS ARC Adds Aurora & Neptune Failover Automation

🟢 Low | Source: AWS What’s New AWS has added three new execution blocks to Amazon Application Recovery Controller (ARC) Region switch, automating database scaling and failover for Aurora (serverless and provisioned) and Neptune global databases during multi-region failover events. Previously, teams had to manually right-size secondary clusters under incident pressure, adding critical minutes to recovery time. These new blocks remove that manual step, reducing recovery time and human error during regional outages. ...

3 June 2026 · ZX Cloud Security

AWS ARC Adds Aurora & Neptune Failover Automation

🟢 Low | Source: AWS What’s New AWS has added three new execution blocks to Amazon Application Recovery Controller (ARC) Region switch, automating database scaling and failover for Aurora (serverless and provisioned) and Neptune global databases during multi-region failover events. Previously, engineers had to manually right-size secondary clusters under incident pressure, adding precious minutes to recovery time. These new blocks remove that manual step, reducing recovery time and human error during outages. ...

3 June 2026 · ZX Cloud Security

Redis RCE Flaw CVE-2026-23479: 2-Year Bug Patched

🟠 High | Source: The Hacker News A critical remote code execution vulnerability (CVE-2026-23479) in Redis, introduced in version 7.2.0 over two years ago, has been patched following discovery by an autonomous AI-powered bug-hunting tool. The flaw is a use-after-free bug in Redis’s blocking-client handling code, allowing any authenticated user to execute arbitrary operating system commands on the host server. This is significant because Redis is widely deployed across cloud environments as a caching and data store layer, meaning exposure could lead to full host compromise. ...

3 June 2026 · ZX Cloud Security