AWS Continuum launches AI-powered vulnerability management lifecycle platform
Security Tool/Service
Summary
Hide ▲
Show ▼
AWS Continuum launched in gated preview as a new AI-powered vulnerability management platform for AWS environments, expanding security teams’ ability to manage code flaws from discovery through remediation. The platform combines prioritization, validation, and remediation with access to structured and unstructured organization data, including documents and communications. AWS also bundled AWS Security Agent capabilities for penetration testing, code scanning, and threat modelling, broadening the platform’s defensive reach.
Related Happenings
Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery
Security Tool/Service
H score58
First: 08.04.2026 12:16
Last: 08.04.2026 12:16
Sources 1
About this happening:
**Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...
Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery
Security Tool/ServiceAbout this happening: **Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...
Latest development: 03.06.2026 14:00
President Donald Trump signed a June 2 executive order that sets up a voluntary framework for developers of covered frontier models to give the US government access for cybersecurity review for up to 30 days before release, while expressly rejecting any mandatory licensing or preclearance requirement. The order directs NSA, CISA, and NIST to build a classified benchmark for determining which models cross the covered threshold and creates an AI cybersecurity clearinghouse led by the Treasury Department. The framework closely echoes Anthropic's Project Glasswing, which gives vetted partners early access to Claude Mythos Preview to scan critical software for vulnerabilities.
TeamPCP cloud-native exploitation campaign
Campaign
H score33
First: 09.02.2026 10:37
Last: 09.02.2026 10:37
Sources 1
About this happening:
**TeamPCP** is a **cloud-native supply-chain campaign** that abuses exposed **Docker APIs**, **Kubernetes clusters**, **Ray dashboards**, **Redis servers**, and **React2Shell (CVE...
TeamPCP cloud-native exploitation campaign
CampaignAbout this happening: **TeamPCP** is a **cloud-native supply-chain campaign** that abuses exposed **Docker APIs**, **Kubernetes clusters**, **Ray dashboards**, **Redis servers**, and **React2Shell (CVE...
Latest development: 23.03.2026 10:31
Researchers uncovered malicious Trivy Docker Hub image tags 0.69.4, 0.69.5, and 0.69.6 tied to TeamPCP; 0.69.5 and 0.69.6 were pushed on March 22 without corresponding GitHub releases or tags. The same reporting says TeamPCP used a compromised service account token to deface all 44 internal repositories in Aqua Security's aquasec-com GitHub organization by renaming them with the tpcp-docs- prefix and exposing them publicly.
Publicly exposed training apps as recurring cloud-entry risk across security vendors
Trend
H score17
First: 21.01.2026 16:00
Last: 21.01.2026 16:00
Sources 1
About this happening:
**Cybersecurity training apps** left exposed on the public Internet are creating a recurring **cloud-entry risk** for **security vendors and enterprise users**. A scan identified...
Publicly exposed training apps as recurring cloud-entry risk across security vendors
TrendAbout this happening: **Cybersecurity training apps** left exposed on the public Internet are creating a recurring **cloud-entry risk** for **security vendors and enterprise users**. A scan identified...
VoidLink AI-generated malware development analysis
Technical Analysis
H score28
First: 21.01.2026 14:51
Last: 21.01.2026 14:51
Sources 1
About this happening:
**VoidLink** is a **Linux-based C2 framework** with **multi-cloud targeting** and **modular implants** built for **credential theft**, **data exfiltration** and **stealthy persist...
VoidLink AI-generated malware development analysis
Technical AnalysisAbout this happening: **VoidLink** is a **Linux-based C2 framework** with **multi-cloud targeting** and **modular implants** built for **credential theft**, **data exfiltration** and **stealthy persist...
AWS CodeBuild ACTOR_ID regex bypass security flaw
Vulnerability
H score33
First: 15.01.2026 21:31
Last: 15.01.2026 21:31
Sources 1
About this happening:
**AWS CodeBuild**'s **ACTOR_ID regex filters** were misconfigured, allowing a build-trigger bypass that could expose privileged GitHub tokens and enable repository takeover. The f...
AWS CodeBuild ACTOR_ID regex bypass security flaw
VulnerabilityAbout this happening: **AWS CodeBuild**'s **ACTOR_ID regex filters** were misconfigured, allowing a build-trigger bypass that could expose privileged GitHub tokens and enable repository takeover. The f...
Timeline
-
19.06.2026 14:00 2 articles · 1h ago
AWS launches Continuum in gated preview at AWS Summit New York
Initial DisclosureAWS launched Continuum in gated preview at AWS Summit New York on June 17, introducing an AI-powered vulnerability management platform for AWS environments that ingests existing vulnerability backlogs, scans the environment, prioritizes findings with evidence-backed context, validates false positives with sandboxed exploit examples, and recommends network, policy, or code-patch remediation. The platform also includes AWS Security Agent for penetration testing, code scanning, and threat modelling, and AWS said the system starts in learn mode with a human in the loop before enforce mode.
Show sources
- AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform — www.infosecurity-magazine.com — 19.06.2026 14:00
- AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform — www.infosecurity-magazine.com — 19.06.2026 14:00