AI-Native Foundations and the CVEs That Love Them

AWS Morning Brief for the week of May 11th , with Corey Quinn. Links:Announcing Agent Toolkit for AWS — help AI coding agents build effectively on AWSAmazon CloudFront Announces WebSocket Support for VPC OriginsAmazon EventBridge supports data plane logging to AWS CloudTrailAWS IAM now provides higher maximum quotas for roles, role trust policies, instance profiles, managed policies, and identity providersAWS Marketplace now supports programmatic procurement with Agreements APIThe AWS MCP Server is now generally availableAnnouncing Valkey 9.0 for Amazon ElastiCacheQuery billion-scale vectors with SQL: Integrating Amazon S3 Vectors and Aurora PostgreSQLYou Wanted to Become AI-Native, and All You Got Was a Lousy FoundationCVE-2026-7461 - OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume CredentialsCVE-2026-7791 - Local Privilege Escalation via TOCTOU Race Condition in Amazon WorkSpaces Skylight AgentCVE-2026-31431

AWS Morning Brief for the week of May 4th, with Corey Quinn. Links:AWS Management Console now supports settings to control service and Region visibility - AWSAmazon CloudWatch adds visual agent configuration to the EC2 consoleAWS Announces Amazon Connect DecisionsAmazon Connect Talent for AI-powered hiring (now available in Preview)Introducing Amazon EC2 R8in and R8ib instancesAmazon OpenSearch Service now supports index-level encryptionAmazon Redshift Serverless AI-driven scaling is now the default for new workgroupsAWS Cost Optimization Hub now supports CSV downloadAWS KMS now tracks last usage of all KMS keysAWS Lambda adds support for Ruby 4.0AWS Marketplace Management Portal now supports bank account deletionAmazon Bedrock now offers OpenAI models, Codex, and Managed Agents (Limited Preview)Amazon CloudFront now supports invalidation by cache tagIntroducing Amazon EC2 C8ine and M8ine instancesIdentifying security risks using AWS Cost and Usage Report dataAmazon Q Developer end-of-support announcementIssue with AWS Ops Wheel (CVE-2026-6911 and CVE-2026-6912Issues in tough library and tuftool CLI utilityCVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWSIssue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply Integer UnderflowCVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCPIssue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues

AWS Morning Brief for the week of April 27th, with Corey Quinn. Links:Amazon CloudWatch pipelines now supports configuration of processors via AIIntroducing the Amazon EKS Hybrid Nodes gateway for hybrid Kubernetes networkingAmazon EKS enhances cluster governance with new IAM condition keysAttributed Revenue Dashboard Now Available in AWS Partner CentralAWS Lambda functions can now mount Amazon S3 buckets as file systems with S3 FilesAmazon CloudWatch Logs Insights introduces JOIN and sub-query commandsAWS Lambda Durable Execution SDK for Java GAAmazon S3 Express One Zone now supports S3 InventoryAmazon S3 now supports five additional checksum algorithmsAWS Secrets Manager extends managed external secrets to MongoDB Atlas and Confluent CloudTrack Amazon Bedrock Costs by Caller Identity with IAM Principal-Based Cost AllocationTransforming FinOps with the Latest Amazon Q Cost CapabilitiesAurora Serverless: Faster performance, enhanced scaling, and still scales down to zeroFrom developer desks to the whole organization: Running Claude Cowork in Amazon BedrockGet to your first working agent in minutes: Announcing new features in Amazon Bedrock AgentCoreAutomated network incident response with AWS DevOps AgentAccelerate development workflows with Amazon EBS Volume ClonesTroubleshooting Amazon S3 access denied errors using Kiro CLICVE-2026-6437 - Mount Option Injection in Amazon EFS CSI DriverCVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python

AWS Morning Brief for the week of April 20th, with Corey Quinn. Links:Amazon CloudWatch now supports cross-region telemetry auditing and enablement rulesIntroducing Amazon EC2 C8in and C8ib instancesAmazon Quick now supports multi-account sign-in within the same browserAmazon WorkSpaces Personal and Amazon WorkSpaces Core are now available in two additional AWS RegionsAWS announces general availability of AWS Interconnect - multicloudAutomate AWS Cost Reporting with Scheduled Dashboard Email DeliveryIntroducing Anthropic’s Claude Opus 4.7 model in Amazon BedrockIntroducing Amazon Bio DiscoveryCVE-2026-5429 - Kiro IDE Webview Cross-Site Scripting via Workspace Color ThemeIssues with Amazon Athena ODBC DriverIssues with AWS Research and Engineering Studio (RES)CVE-2026-5747 - Out-of-bounds Write in Firecracker virtio-pci Transport

AWS Morning Brief for the week of April, 13th with Corey Quinn. Links:AWS Certificate Manager now supports native certificate searchAmazon S3 Lifecycle pauses actions on objects that are unable to replicateAmazon Bedrock now offers Claude Mythos Preview (Gated Research Preview)Amazon OpenSearch Serverless now supports Zstandard (zstd) codec for index compressionAWS Secrets Manager console now supports custom input for AWS KMS keysAmazon Bedrock now supports cost allocation by IAM user and roleAmazon S3 starts rolling out new security best practice to new and existing buckets by defaultIntroducing AI-Powered Cost Analysis in AWS Cost ExplorerLaunching S3 Files, making S3 buckets accessible as file systemsThe future of managing agents at scale: AWS Agent Registry now in previewUnderstanding Amazon Bedrock model lifecycleIntroducing OpenTelemetry & PromQL support in Amazon CloudWatch

AWS Morning Brief for the week of April 6th, with Corey Quinn. Links: Announcing Amazon RDS for Oracle on AWS OutpostsAWS Direct Connect now supports AWS CloudFormationAWS Service Availability UpdatesAmazon S3 Vectors expands to 17 additional AWS RegionsAmazon CloudFront now supports SHA-256 for signed URLs and signed cookiesAmazon CloudWatch now supports OpenTelemetry metrics in public previewAnnouncing compute-optimized instance bundles for Amazon LightsailAnnouncing managed daemon support for Amazon ECS Managed InstancesLeverage Agentic AI for Autonomous Incident Response with AWS DevOps AgentNavigating the NGINX Ingress retirement: A practical guide to migration on AWSOptimizing data transfer costs when using AWS Network Load BalancerAWS Security Agent on-demand penetration testing now generally available

AWS Morning Brief for the week of March 30th, with Corey Quinn. Links:Amazon Aurora PostgreSQL now available with the AWS Free TierAmazon EKS announces 99.99% Service Level Agreement and new 8XL scaling tier for Provisioned Control Plane clustersAWS Lambda increases the file descriptor limit to 4,096 for functions running on Lambda Managed InstancesThe AWS Advanced JDBC Wrapper now supports automatic query caching with ValkeyAnnouncing Amazon Aurora PostgreSQL serverless database creation in secondsEnhancing auto scaling resilience by tracking worker utilization metricsAmazon CloudFront flat-rate pricing plans: new features and expanded capabilitiesIAM policy types: How and when to use themPreparing for agentic AI: A financial services approach

AWS Morning Brief for the week of March 23rd, with Corey Quinn. Links:Amazon Corretto 26 is now generally availableAmazon SimpleDB now supports exporting domain data to Amazon S3AWS CDK Mixins is now generally availableAWS Lambda Managed Instances now supports RustAmazon CloudWatch Logs now supports log ingestion using HTTP-based protocolAWS Lambda now supports Availability Zone metadataExpanding the BOX Program to Business Consulting and Advisory PartnersTwenty years of Amazon S3 and building what’s nextSynchronizing a Backup on-premises Db2 Server with Amazon RDS for Db2AWS and NVIDIA deepen strategic collaboration to accelerate AI from pilot to productionMigrate from Amazon Nova 1 to Amazon Nova 2 on Amazon BedrockEssential security controls to prevent unauthorized account removal in AWS OrganizationsDemystifying Amazon VPC peering chargesAWS and Others Invest $12.5M to Defend the Open Source Ecosystem from AI ThreatsAmazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls20 years of Amazon S3: A storage professional’s journey to AWS HeroCVE-2026-4270 - AWS API MCP File Access Restriction BypassCVE-2026-4269 - Improper S3 ownership verification in Bedrock AgentCore Starter ToolkitArbitrary code execution via crafted project files in Kiro IDECVE-2026-4428: Issues with AWS-LC - CRL Distribution Point Scope Check Logic Error

AWS Morning Brief for the week of March 16th, with Corey Quinn. Links:Amazon CloudWatch Logs announces increased query concurrency and API limitsIntroducing Amazon Connect Health, Agentic AI Built for HealthcareAmazon Route 53 Global Resolver is now generally availableAWS simplifies IAM role creation and setup in service workflowsDatabase Savings Plans now supports Amazon OpenSearch Service and Amazon Neptune AnalyticsAWS Elastic Beanstalk now offers AI-powered environment analysisAWS Elastic Beanstalk launches Deployments tab with in-progress deployment logsMulti-party approval now supports approval team baseliningAWS announces pricing for VPC Encryption ControlsThe Hidden Price Tag: Uncovering Hidden Costs in Cloud Architectures with the AWS Well-Architected Framework

AWS Morning Brief for the week of March 2nd, with Corey Quinn. Links:Amazon Aurora DSQL launches Playground for interactive database exploration Amazon Redshift Serverless introduces 3-year Serverless ReservationsAmazon S3 now provides AWS source region information in server access logs AWS Compute Optimizer now applies AWS-generated tags to EBS snapshots created during automationAWS Lambda Durable Execution SDK for Java now available in Developer PreviewAWS Trusted Advisor now delivers more accurate unused NAT Gateway checks powered by AWS Compute Optimizer6,000 AWS accounts, three people, one platform: Lessons learnedPetabyte-Scale Cost Optimization: How a Video Hosting Platform Saved 70% on S3Transform live video for mobile audiences with AWS Elemental Inference Migrate Amazon EC2 to ECS Express Mode using Kiro CLI and MCP servers AI-augmented threat actor accesses FortiGate devices at scaleAWS posts “correct the record” piece on AI bot outage