ECScape Post-Compromise Risk in Amazon ECS Enables Cross-Task Credential Theft
Security researcher Naor Haziz discovered a design flaw in Amazon Elastic Container Service (ECS) that allows a compromised container on an EC2 instance to harvest AWS credentials from other containers running on the same host. The technique, known as ECScape, was detailed with a demonstration at Black Hat USA 2025 and does not require breaking out of the container’s environment. Instead, the attacker abuses an undocumented ECS Agent Communication Service protocol to impersonate the ECS agent itself. The intrusion chain begins when a low-privileged container queries the Instance Metadata Service to obtain the host’s IAM role credentials, which the real ECS agent uses typically. With these credentials, the attacker initiates a forged WebSocket connection to AWS’s ECS backend, mimicking the legitimate agent and requesting credential data for every running task on that host. This results in the delivery of IAM role credentials for both application and execution roles, granting access to resources ranging from S3 backups to Secrets Manager secrets and private container registries. Because the stolen keys behave exactly like the originals, all subsequent activity appears legitimate in AWS CloudTrail, allowing the attacker to operate under the identity of more privileged tasks without triggering immediate suspicion. The flaw affects ECS environments using the EC2 launch type, where multiple tasks with different privilege levels share the same host. It works under default ECS configurations and does not rely on misconfigured IAM policies, meaning any organization running mixed-trust workloads on shared EC2 instances is exposed. Once an attacker gains a foothold in any container, they can escalate privileges, perform lateral movement, and extract sensitive data without leaving obvious signs of compromise. Although AWS acknowledged the research, it classified the behavior as “working as designed” and issued documentation updates rather than a code change. Suggested defenses include running critical workloads on dedicated EC2 hosts or migrating them to AWS Fargate, which isolates each task in its micro-VM, removing the shared host risk. Additional mitigations involve restricting container access to the Instance Metadata Service, enforcing IMDSv2, limiting ECS agent permissions, and applying strict least-privilege IAM policies. Network monitoring for suspicious ECS API usage and abnormal role activity can help identify an active intrusion, but prevention remains the most effective defense. The key lesson is that in ECS on EC2, the security of all tasks is only as strong as the most easily compromised container on the host.
Windows UAC Bypass Allows Silent Privilege Escalation Post-Compromise
Security researcher Matan Bahar has identified a Windows privilege escalation technique that abuses eudcedit[.]exe, the operating system’s built-in Private Character Editor, to bypass User Account Control (UAC) and gain administrative privileges without user approval. Eudcedit[.]exe, located in C:\Windows\System32 and used for creating custom End-User Defined Characters (EUDC), contains a manifest with two key directives: one requiring it to run with administrator rights and another instructing Windows to auto-elevate it for trusted binaries without prompting administrative users. When combined with permissive UAC settings, including “Elevate without prompting,” it can instantly launch other programs with full system privileges. In an attack chain, an adversary who already has local access—through phishing, malicious attachments, remote access tools, or lateral movement—can execute eudcedit[.]exe, navigate to “File” > “Font Links,” select the second option, and use “Save As” to run “PowerShell” instead of saving a file. This spawns a high-integrity PowerShell session without triggering a UAC prompt, allowing the attacker to run administrative commands, disable defenses, or deploy further payloads. The method does not rely on exploiting a coding flaw, but rather abuses intended Windows behavior for certain signed, trusted binaries. Because it works on fully patched systems and does not require modifying the binary, the technique is effective in any environment with relaxed UAC enforcement and administrative accounts. There is no confirmed widespread exploitation, but the simplicity and reliability make it viable in targeted intrusions. It is strictly a post-compromise technique that cannot be used to gain initial access, meaning it typically appears after a system has already been breached. Organizations can reduce risk by tightening UAC policies to require prompts for all elevation requests, limiting administrative group memberships, and monitoring for unusual executions of eudcedit[.]exe or other auto-elevated binaries. This discovery reinforces the importance of reviewing built-in Windows tools in security audits, as trusted system utilities can become stealthy enablers of privilege escalation when combined with weak configuration policies.
Update: SocGholish Malware Now Uses Malicious Web Redirects to Enable Ransomware Groups
SocGholish, also known as FakeUpdates, is a JavaScript-based malware operated by the group TA569, also tracked as Gold Prelude, Mustard Tempest, Purple Vallhund, and UNC1543. This malware has been active for several years, with public reporting on it going back to at least 2018. With an updated delivery method, it now primarily spreads through hacked websites that display fake update prompts for browsers, including Chrome and Firefox, as well as for other software, such as Microsoft Teams and Adobe Flash Player. Infections typically begin when attackers inject malicious JavaScript directly into a website’s code or through an additional JavaScript file that subsequently loads the actual payload. Recently, the group has expanded its reach by using malicious web redirect services, including Parrot TDS and Keitaro TDS. These systems verify each visitor’s details (location, browser type, and other identifiers) before determining whether to direct them to a malicious landing page. This careful filtering enables attackers to avoid wasting resources on unimportant visitors, security researchers, or automated scans, while ensuring that high-value targets are infected. Once on the landing page, victims are infected with the SocGholish malware, which immediately grants attackers remote access to the system. After infection, the access is sold to other criminal groups in a Malware-as-a-Service model, including high-profile ransomware and banking trojan operators, including but not limited to Evil Corp, LockBit, Dridex, and Raspberry Robin affiliates. In some cases, Raspberry Robin has even been used to deliver SocGholish, showing strong collaboration between these groups. Keitaro TDS, in particular, is well known for being involved in major malware operations and is difficult to block entirely because it is also used for legitimate purposes. SocGholish’s command-and-control servers track each infection in real-time and will stop delivering malicious files if the visitor does not meet its targeting rules, helping it stay hidden for longer. By controlling who gets infected and serving as a reliable entry point for other attackers, SocGholish has become a trusted tool in the cybercriminal market, playing a key role in delivering ransomware, stealing credentials, and spreading other high-impact threats.
Top CVEs of the Week
Top CVEs of the Week – As part of our ongoing vulnerability monitoring, the following CVEs highlight recent security issues that could affect a range of systems, applications, and devices. These findings reflect the constantly evolving threat landscape and reinforce the importance of timely patching, secure configurations, and proactive security practices. Below is a summary of notable vulnerabilities, including their impact and any available remediation guidance.
