Hackers Exploit SSRF Bugs in EC2-Hosted Sites to Steal AWS Credentials

Hackers are exploiting SSRF (Server-Side Request Forgery) vulnerabilities in sites hosted on EC2 to steal AWS credentials. These attacks allow hackers to access the metadata of EC2 instances, where AWS credentials are often stored. The hackers then use these credentials to access AWS services and potentially compromise other resources.