Cloud Networking Aligns as AWS Expands AI and Operations Tools

AWS and Google Cloud Launch Joint Multicloud Networking

🔗 AWS and Google Cloud announced a jointly engineered multicloud networking solution that integrates AWS Interconnect - multicloud with Google Cloud’s Cross-Cloud Interconnect. The collaboration introduces an open API specification to automate private, high-speed connectivity and shifts multicloud setup from physical circuits to a managed, cloud-native experience. Customers can provision dedicated bandwidth in minutes via console or API, while the service enforces quad redundancy and MACsec encryption for secure, highly available links. The APIs are published openly for other providers and partners to adopt.

Amazon Connect Adds AI-Powered Case Summaries for Agents

🤖 Amazon Connect now offers AI-powered case summaries that let agents generate concise, multi-interaction case overviews with a single click. Summaries capture issue background, actions taken, follow-ups, and recommended next steps to reduce manual wrap-up and speed resolutions. Administrators can configure custom prompts and guardrails to enforce organizational style and compliance.

AWS Lambda Managed Instances — Lambda on EC2, Graviton4

⚙️ AWS Lambda Managed Instances lets you run Lambda functions on Amazon EC2 instances while preserving Lambda's serverless operational model. AWS fully manages instance lifecycle tasks — including OS and runtime patching, routing, load balancing, and autoscaling — and exposes the broad EC2 instance catalog (including Graviton4 and high‑bandwidth networking). You attach functions to a configurable capacity provider via Console, APIs or IaC, and the service integrates with CloudWatch, X‑Ray and AWS Config; current Java, Node.js, Python and .NET runtimes are supported. The feature is now available in US East (N. Virginia, Ohio), US West (Oregon), Asia Pacific (Tokyo) and Europe (Ireland).

Amazon Connect Adds AI Agents for Enhanced Assistance

🤖 Amazon Connect now provides AI agents that guide customer service representatives by recommending actions, retrieving information, and executing routine tasks on their behalf. These agents analyze conversation context and customer sentiment in real time to prepare documentation, calculate refunds, and initiate processes such as product returns. Organizations can choose out-of-the-box agents or customize agent behavior and actions to align with business workflows. The automation reduces agent workload, improves consistency, and lets representatives focus on complex, high-value interactions.

AWS Clean Rooms Adds Synthetic Dataset Generation for ML

🔒 AWS now enables AWS Clean Rooms to generate privacy-enhancing synthetic datasets for training regression and classification ML models without exposing raw records. The capability de-identifies subjects in the original data and reduces the risk of models memorizing sensitive information, allowing partners to collaborate on model training while preserving privacy. Typical use cases include campaign optimization, fraud detection, and medical research.

AWS Bedrock Knowledge Bases Adds Multimodal Retrieval

🔍 AWS has announced general availability of multimodal retrieval in Amazon Bedrock Knowledge Bases, enabling unified search across text, images, audio, and video. The managed Retrieval Augmented Generation (RAG) workflow provides developers full control over ingestion, parsing, chunking, embedding (including Amazon Nova multimodal), and vector storage. Users can submit text or image queries and receive relevant text, image, audio, and video segments back, which can be combined with the LLM of their choice to generate richer, lower-latency responses. Region availability varies by feature set and is documented by AWS.

Amazon Route 53 Global Resolver: Secure Anycast DNS Preview

🌐Amazon announced the preview of Amazon Route 53 Global Resolver, an internet-reachable DNS resolver that offers secure, anycast-based resolution for authorized clients worldwide. It supports split DNS for public domains and Route 53 private hosted zones and integrates DNS Firewall rules to block threat categories, malicious content, and advanced DNS attacks while logging queries centrally. Global Resolver provides high availability via selection of two or more regions for anycast resolution with automatic failover, and AWS will rename the existing Route 53 Resolver to Route 53 VPC Resolver to clarify the difference.

Google and AWS Launch Managed Cross-Cloud Interconnect

🔗 Google Cloud and Amazon Web Services have jointly previewed the Cross‑Cloud Interconnect for AWS, a managed, on‑demand service that provisions private, secure connections between Google Cloud VPCs and AWS VPCs in minutes. The collaboration is published under an open specification to enable partner contributions and wider industry adoption. Preview bandwidth begins at 1 Gbps and will scale to 100 Gbps at GA, with MACsec encryption and managed key rotation as default security controls. The offering emphasizes simplicity, quad‑redundancy, and managed operations to reduce setup from days to minutes.

Amazon Connect adds agentic self-service with Nova Sonic

🤖 Amazon Connect introduces agentic self-service capabilities that enable AI agents to understand, reason, and take action across voice and messaging channels to automate routine and complex customer-service tasks. Nova Sonic speech models deliver more natural, expressive, and adaptive voice interactions that respond to customer tone, sentiment, and pacing across languages and accents. The feature supports blending deterministic and agentic experiences, automating tasks like order lookup, refunds, and troubleshooting while allowing escalation to live agents and is commercially available in US East (N. Virginia) and US West (Oregon) in English and Spanish, with previews for French, Italian, and German.

Amazon EKS Capabilities: Managed Kubernetes Platform

🚀 Amazon EKS Capabilities is now generally available, offering a fully managed, extensible set of Kubernetes-native platform features that offload operations to AWS. The capabilities run in AWS-owned infrastructure separate from customer clusters and AWS handles autoscaling, patching, and upgrades. Launch features include Argo CD for continuous deployment, AWS Controllers for Kubernetes (ACK) for resource management, and Kube Resource Orchestrator (KRO) for dynamic orchestration.

AWS IAM Policy Autopilot generates baseline IAM policies

🔒 AWS announced IAM Policy Autopilot, an open-source MCP server and CLI that analyzes Python, TypeScript, and Go code locally to generate baseline, identity-based IAM policies for application roles. It integrates with AI coding assistants such as Kiro, Claude Code, and Cursor to speed policy creation. The tool stays current with AWS services and is available at no additional cost for local use. Generated policies are intended as starting points that require review and least-privilege refinement.

AWS previews MCP Server for AI agents across AWS ecosystem

🔧 The AWS MCP Server is now in preview and offers a managed remote Model Context Protocol (MCP) interface that consolidates the prior AWS API MCP and AWS Knowledge servers into a single endpoint. It enables AI agents and AI-native IDEs to access AWS documentation, generate and execute calls to over 15,000 APIs, and follow pre-built Agent SOPs to perform multi-step tasks. Authentication and authorization use AWS IAM, and audit logging is provided via CloudTrail; the service is available at no additional cost in US East (N. Virginia), with customers paying only for resources and data transfer.

Amazon Connect adds AI-powered predictive insights (preview)

🤖 Amazon Connect has introduced AI-powered predictive insights in public preview, adding five recommendation algorithms to its Customer Profiles. The capabilities analyze interaction history and behavior to power suggestions across self-service and agent interactions, supporting cross-sell, complementary product suggestions, and intelligent product discovery. The preview is available in multiple AWS regions and uses pay-as-you-go pricing for utilized profiles.

Amazon Connect adds in-flight chat redaction and processing

🔒 Amazon Connect now intercepts chat messages before delivery to enable automatic sensitive-data redaction and custom message processing. The built-in redaction detects entities such as credit card and social security numbers across multiple language variants and can replace them with generic or entity-specific placeholders (e.g., [PII] or [NAME]). Businesses can also integrate custom processors for translation, profanity filtering, or other transformations to meet compliance and CX needs. The feature is available in multiple AWS regions.

Amazon Connect adds native testing and simulation tools

🧪 Amazon Connect now provides native testing and simulation capabilities that let contact center teams validate workflows, self-service voice interactions, and outcomes in a few clicks. You can configure test parameters such as caller phone number or customer profile, call intent, expected responses, and business conditions like after-hours or full queues. Tests run concurrently at scale and return pass/fail results with the interaction path and detailed logs to accelerate diagnosis and reduce deployment risk.

Amazon Connect Adds Third-Party Speech and TTS Support

🎙️ Amazon Connect now supports integrating third-party speech providers for end-customer self-service. You can directly use Deepgram for speech-to-text and ElevenLabs for text-to-speech alongside Amazon Connect’s native speech capabilities, orchestration, analytics, and compliance controls. The feature is available with Amazon Connect unlimited AI in all commercial AWS regions. This gives contact center teams more flexibility to tailor voice experiences and choose models that fit accuracy, latency, customization, and cost priorities.

Amazon Connect Automated Evaluations for Self-Service

🔍 Amazon Connect now lets businesses automatically evaluate the quality of self-service interactions and surface aggregated insights to improve customer experience. Managers can define custom criteria and populate evaluations manually or automatically using conversational analytics and other Connect data to detect issues like repeated failures to understand customers, negative sentiment, or transfers to human agents. Insights are available in aggregate and at the individual contact level alongside recordings and transcripts to help identify opportunities to improve AI agent performance.

AWS Marketplace adds Agent Mode and AI-Enhanced Search

🔎 AWS Marketplace introduced Agent mode and AI-enhanced search to speed solution discovery across 30,000+ listings. Agent mode provides a conversational procurement assistant that ingests use cases and uploaded requirements to deliver tailored recommendations and dynamic side-by-side comparisons. Users can refine results through dialogue, generate downloadable purchasing proposals, and initiate purchases directly. AI-enhanced search supplies contextual results with AI-generated summaries, adaptive categories, and AWS Specializations badges to spotlight validated partners.

AWS Partner Central Added to AWS Management Console

🔔 AWS has integrated AWS Partner Central directly into the AWS Management Console, giving Partners streamlined access to Partner Central and the AWS Marketplace Management Portal. The release includes expanded APIs to automate co-sell workflows and Marketplace operations, plus enhanced security and user management built on AWS Identity and Access Management with granular permissions and SSO. The console experience is available in all Regions and migration guidance is provided in the existing portal.

AWS Marketplace adds multi-product solution listings

🔗 AWS Marketplace now supports solution-centric procurement via multi-product solutions. Partners, including ISVs and System Integrators, can bundle their own software and services with products they are authorized to resell, while each component retains distinct pricing and terms. Customers gain a single point of contact for negotiation, consolidated procurement, and the ability to manage renewals and term lengths for each component independently. This capability is available across all AWS Regions that operate AWS Marketplace and supports SaaS, Server, AI Agents and Tools, Machine Learning, and Professional Services.

AWS Expands AI Competency with New Agentic AI Categories

🚀 AWS announced a major expansion of its AI Competency, validating 60 partners across three new Agentic AI categories: Agentic AI Tools, Agentic AI Applications, and Agentic AI Consulting Services. The launch includes an AI agent in AWS Partner Central to provide immediate feedback and speed specialization approvals. Validated partners demonstrate production-grade capabilities using services such as Amazon Bedrock AgentCore, Strands Agents, and Amazon SageMaker AI, and must meet AWS standards for security, reliability, and responsible AI.

Amazon SageMaker Catalog Adds Automated Data Classification

🤖 Amazon SageMaker Catalog now provides automated data classification that suggests business glossary terms during dataset publishing to reduce manual tagging and improve metadata consistency. The capability leverages Amazon Bedrock language models to analyze table metadata and schema and recommend relevant business and sensitive-data terms from organizational glossaries. Data producers receive AI-generated suggestions they can accept or modify before publishing, helping standardize vocabulary and improve data discoverability. The feature is available in multiple AWS regions and can be managed via SageMaker Unified Studio, the AWS CLI, or SDKs.

AWS launches preview of Interconnect - multicloud service

🔗 AWS has opened a preview of AWS Interconnect - multicloud, a new service to create private, resilient, high-speed links between Amazon VPCs and other cloud providers. The preview launches with Google Cloud as the initial partner and a planned expansion to Microsoft Azure in 2026. It integrates with AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC, and is available in five AWS Regions via the AWS Management Console. CSPs can adopt the capability through a published open API package on GitHub.

AWS launches Interconnect - last mile preview with Lumen

🔌 AWS Interconnect - last mile is a fully managed connectivity service launched in a gated preview with Lumen, letting customers connect branch offices, data centers, and remote sites to AWS in a few clicks. Users enter a location, select bandwidth (1–100 Gbps), and pick an AWS Region while AWS automates BGP peering, VLAN configuration, and ASN assignment, supporting dynamic scaling and zero‑downtime maintenance. The service is architected for high availability, backed by SLAs, and enables MACsec encryption by default; it is available in the US through Lumen.

Amazon Connect Adds MCP Support for AI Agents and Tools

🤖 Amazon Connect now supports the Model Context Protocol (MCP), enabling AI-driven customer self-service and employee assistance agents to invoke standardized tools to fetch information and perform actions during interactions. Amazon Connect offers out-of-the-box MCP tools for tasks like updating contact attributes and retrieving case information, and allows flow modules to be exposed as MCP tools so business logic is reusable across deterministic and generative workflows. Organizations can also integrate custom or third-party tools via flow modules or the Amazon Bedrock AgentCore Gateway to automate actions such as order lookups, refunds, and customer-record updates without human intervention.

Automated AWS Integration: CrowdStrike Falcon Next-Gen SIEM

🛡️ AWS and CrowdStrike have launched an automated integration experience for CrowdStrike Falcon Next-Gen SIEM in AWS Marketplace that streamlines cloud-native security monitoring. The guided wizard automates connector configuration and provisions least-privilege IAM roles, Amazon SQS queues, EventBridge rules, and SNS topics. Security teams can quickly enable agentic AI-assisted investigation, advanced correlation, and automated response across their AWS Organization, and subscribe via new pay-as-you-go pricing.

Amazon Connect adds AI agent assistance and summarization

🤖 Amazon Connect now offers real-time AI agent assistance and automated contact summarization for Salesforce Contact Center with Amazon Connect (SCC-AC). The capability surfaces customer CRM records and knowledge-base articles to AI agents across voice and chat and provides agents with live transcripts and contextual recommendations. Supervisors gain enhanced call monitoring inside Salesforce, and automated post-contact summaries help agents quickly update cases, reducing administrative burden. Administrators can deploy and configure the integrated solution in minutes; it is available in all AWS Regions where Amazon Connect operates.

Amazon Connect Adds AI Agent Analytics and Monitoring

📊 Amazon Connect now delivers built‑in analytics and monitoring for AI agents across self‑service and agent assist experiences. Administrators can use customizable dashboards to track key metrics such as number of AI‑led interactions, hand‑off rates, conversation turns, and average handle time, and to compare agent versions to find optimal configurations. The release also exposes AI agent traces via APIs and enables rule‑based automation to trigger alerts or actions when conditions like low sentiment transfers occur.

Asahi Data Breach Exposes Personal Details of 1.9M

🔒Asahi Group Holdings confirmed a ransomware-driven data breach discovered in September that affected up to 1.9 million people. The company says personal information including names, genders, addresses, phone numbers and email addresses was exfiltrated, and the Qilin ransomware group claimed responsibility and published sample files. Production and shipping were suspended during the incident and system restoration is ongoing. Asahi reports no payment card data was exposed and has opened a dedicated contact line for affected individuals.

Adversarial Poetry Bypasses LLM Safety Across Models

⚠️ Researchers report that converting prompts into poetry can reliably jailbreak large language models, producing high attack-success rates across 25 proprietary and open models. The study found poetic reframing yielded average jailbreak success of 62% for hand-crafted verses and about 43% for automated meta-prompt conversions, substantially outperforming prose baselines. Authors map attacks to MLCommons and EU CoP risk taxonomies and warn this stylistic vector can evade current safety mechanisms.

Google Antigravity AI coding tool vulnerable to exploits

⚠️ Google’s AI-assisted coding tool Antigravity, launched in early November, has a critical vulnerability discovered by researchers at Mindgard within 24 hours that can install a persistent backdoor and execute malicious code each time the application starts. The flaw arises because the assistant follows custom user rules unconditionally and gives excessive weight to rules embedded in project source, while a global configuration directory can hold files specifying arbitrary commands that are read and acted on at startup. Mindgard also identified two additional vulnerabilities that could expose user data, and no patch is yet available.

French Football Federation Data Exposure Affects Millions

🔒 The French Football Federation (FFF) reported unauthorized access to the centralized software used by licensed clubs to manage player registrations, an intrusion it believes occurred on 20 November. Exposed fields include names, genders, dates and places of birth, nationalities, postal and email addresses, phone numbers and football license ID numbers. The FFF says it deactivated the compromised account, reset all user passwords, filed a complaint with authorities and notified CNIL and ANSSI. It will inform affected individuals with known emails and urged license holders to remain vigilant against phishing and scam attempts.

Amazon CloudWatch adds AI-guided Five Whys reports

🧭 Amazon CloudWatch launched an AI-powered incident report generator that guides teams through a Five Whys root-cause analysis using a chat-based workflow powered by Amazon Q. The feature combines human inputs and automated analysis of incident data to recommend specific remediation and prevention measures. It is available at no additional cost in multiple AWS regions. To use it, create a CloudWatch investigation, click "Incident report," then select "Guide Me" in the Five Whys section.

AWS Glue Adds Apache Iceberg-Based Materialized Views

⚡ AWS Glue now supports materialized views stored in Apache Iceberg format and managed in the AWS Glue Data Catalog. Data teams can create views with standard Spark SQL, attach a refresh schedule, and rely on automatic change detection, incremental updates, and managed compute for refresh jobs. Query engines across Athena, EMR, and AWS Glue rewrite queries to use these views, improving performance by up to 8x and lowering compute costs, while SQL tools like Redshift and SageMaker can read the Iceberg tables directly.

CISA Adds Actively Exploited XSS Bug in OpenPLC ScadaBR

⚠️ CISA has added an actively exploited cross-site scripting flaw, CVE-2021-26829, to its Known Exploited Vulnerabilities catalog after reports of operational abuse against OpenPLC ScadaBR. The XSS affects Windows 1.12.4 and Linux 0.9.1 via system_settings.shtm and was used to deface HMI pages and disable logs. Federal civilian agencies must remediate by December 19, 2025; operators should apply vendor fixes, change default credentials, enable logging and monitor for web-layer manipulation and outbound callbacks.

North Korean Actors Push 197 Malicious npm Packages in Campaign

🛡️ North Korean threat actors tied to the Contagious Interview campaign have uploaded 197 malicious npm packages designed to deliver a variant of OtterCookie that incorporates features of BeaverTail. Socket reports the packages have been downloaded over 31,000 times and include loader names such as bcryptjs-node, cross-sessions, json-oauth and tailwind-magic. The payload evades sandboxes and virtual machines, profiles hosts, fetches a cross-platform binary via a hard-coded Vercel URL, opens a C2 remote shell, and can steal clipboard contents, keystrokes, screenshots, browser credentials, documents and cryptocurrency seed phrases.

CISA Adds CVE-2021-26829 to Known Exploited Vulnerabilities

🔔 CISA has added CVE-2021-26829 — a cross-site scripting vulnerability in OpenPLC ScadaBR — to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. Cross-site scripting is a frequent attack vector that can enable data theft, session hijacking, and unauthorized actions, posing significant risks to the federal enterprise. Under BOD 22-01, Federal Civilian Executive Branch agencies are required to remediate KEV-listed flaws by the specified due date; CISA also strongly urges all organizations to prioritize timely remediation. CISA will continue to update the catalog as new threats meet its criteria.

Scattered Lapsus$ Hunters Target Zendesk with Fake Domains

🔒 ReliaQuest researchers discovered that a group calling itself Scattered Lapsus$ Hunters registered more than 40 fake domains over six months to impersonate Zendesk, host fraudulent login pages, and push malware. Domains such as znedesk.com and vpn-zendesk.com used realistic sign-in screens while other URLs embedded company names to build trust. Attackers also submitted bogus support tickets to real Zendesk portals to trick help-desk staff into surrendering credentials or installing malware. ReliaQuest noted registry patterns tied to NiceNic and Cloudflare-masked nameservers and shared findings with Zendesk.

Researchers Warn of Security Risks in Google Antigravity

⚠️ Google’s newly released Antigravity IDE has drawn security warnings after researchers reported vulnerabilities that can allow malicious repositories to compromise developer workspaces and install persistent backdoors. Mindgard, Adam Swanda, and others disclosed indirect prompt injection and trusted-input handling flaws that could enable data exfiltration and remote command execution. Google says it is aware, has updated its Known Issues page, and is working with product teams to address the reports.

Amazon Connect adds Bedrock knowledge base integration

📘 Amazon Connect now supports connecting existing Amazon Bedrock Knowledge Bases directly to AI agents and allows multiple knowledge bases per agent. You can attach Bedrock KBs in a few clicks with no additional setup or data duplication, and leverage Bedrock connectors such as Adobe Experience Manager, Confluence, SharePoint, and OneDrive. With multiple KBs per agent, AI agents can query several sources in parallel for more comprehensive responses. This capability is available in all AWS Regions where both services are offered.

Public GitLab Repositories Exposed 17,000+ Secrets

🔒 After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Using the open-source tool TruffleHog and an AWS-driven pipeline (SQS queue and Lambda workers), the researcher completed the scan in just over 24 hours at a cost of $770. Notifications were automated with Claude Sonnet 3.7 and scripts; affected parties revoked many credentials and the researcher collected $9,000 in bug bounties, though some secrets remain exposed.

Legacy Python bootstrap scripts enable PyPI takeover risk

🔍 ReversingLabs discovered legacy bootstrap code in Python packages that fetches and executes an installer from the unclaimed domain python-distribute.org. The zc.buildout bootstrap.py pulls distribute_setup.py, and because the domain is for sale an attacker could acquire it and serve malicious payloads. Packages including tornado and slapos.core still contain the script; it targets Python 2 and is not executed automatically during installation, but its presence increases the supply-chain attack surface if developers run it.

French Football Federation Discloses Member Data Breach

⚽ The French Football Federation (FFF) disclosed a data breach after attackers used a compromised account to access administrative management software used by clubs. FFF detected the unauthorized access, disabled the compromised account, and reset all user passwords across the system. Before they were evicted, threat actors exfiltrated personal and contact information for members. The federation said it has filed a criminal complaint, notified regulators, and will directly inform affected individuals while urging vigilance against phishing attempts.

Amazon Connect adds automated email responses and routing

📧 Amazon Connect now supports automated email responses and routing driven by keyword and phrase conditions. Administrators can add the Get stored content block and combine it with flow constructs such as Check contact attributes and Send message to configure automated replies and routing logic. For example, common queries about product availability or shipment status can be answered without agent involvement, helping increase self‑service, reduce manual handling time, and improve routing accuracy across supported regions.

Amazon Connect Outbound Adds Multi-Channel Journey Builder

📣 Amazon Web Services has added a visual journey builder to Amazon Connect Outbound Campaigns, enabling creation of multi-step, multi-channel engagement journeys directly in the console. You can orchestrate voice, SMS, email, and WhatsApp interactions and combine time- or behavior-triggered flows. Integrations with existing Connect Flows, AI capabilities, and Customer Profiles let you personalize interactions and route customers to live agents when needed. The feature is available in all AWS Regions that support Outbound Campaigns.

Amazon Connect adds no-code custom metric creation

📈 Amazon Connect now enables contact center supervisors to create custom metrics using a simple, no-code interface that applies mathematical operations (for example, addition, subtraction, sum, average) to existing Connect data. Nontechnical users can build tailored KPIs and immediately surface them in dashboards and via APIs without engineering support. Use cases include segmented average handle time, total agent outbound time by product, and queue performance filtered by contact type. The feature is available in all AWS regions offering Amazon Connect.

Amazon Connect Chat Adds Agent-Initiated Workflows

🔔 Amazon Connect Chat now supports agent-initiated workflows, allowing agents to send interactive forms and present policies or disclosures directly within an active chat so customers can provide sensitive or general information without leaving the conversation. Agents can trigger workflows at any point, making interactions more dynamic and reducing resolution time. By keeping data collection inside the chat, businesses can better preserve security and compliance controls while improving customer experience. The capability is available now in multiple AWS regions.

Amazon Connect adds business-controlled custom UIs

🔧 Amazon Connect now enables business users to create and use custom UIs to adjust queues, routing, and customer-experience settings in real time without technical resources. Administrators can define key configurations in data tables and expose role-specific actions through persona-based workspaces to maintain governance and security. These capabilities are available in all AWS regions where Amazon Connect is offered.

AWS AI League 2026 Championship Expands Challenges

🤖 AWS has launched the AWS AI League 2026 Championship, expanding its flagship AI tournament with new challenge tracks and a doubled prize pool of $50,000 to drive builder innovation. The program pairs a brief orientation with two competition tracks: a Model Customization track using Amazon SageMaker AI to fine-tune foundation models for domain-specific tasks, and an Agentic AI track using Amazon Bedrock AgentCore to build planning and execution agents. Enterprises can apply to host internal tournaments and receive AWS credits to run team competitions, while individual developers can compete at AWS Summits to test skills and build with AWS AI services.

AWS Expands Resilience Software Competency Program

🔧 AWS has expanded its Resilience Competency to include Technology Partners, enabling customers to identify validated software for high availability and recovery. The program evaluates solutions across Design, Recovery, and Operate categories through expert technical validation to meet strict performance and operational requirements. Qualified partners and solutions are discoverable via the AWS Resilience Competency and purchasable through AWS Marketplace, aligning with AWS's shared responsibility model. This aims to help organizations build always-on applications with lower cost and higher availability than on-premises alternatives.

AWS Marketplace Launches Express Private Offers for Buyers

🔔 AWS Marketplace now offers express private offers, enabling customers to receive personalized pricing and contract terms for participating third-party products in minutes. The AI-powered workflow asks a few questions about purchase requirements and contract duration, then evaluates responses against a seller's preconfigured pricing rules to generate an offer. If needs exceed those parameters, customers can be routed to sales for more tailored deals. This capability is available in all AWS Regions where the Marketplace site is supported.

AWS Marketplace Adds Variable Payments for Services

📢 AWS Marketplace now offers variable payments, a general-availability billing option that lets professional services sellers invoice customers as work is delivered while enforcing a predetermined contract cap. Sellers can create private offers and submit payment requests tied to outcomes, milestones, or time-and-materials. Customers receive email notifications and can approve each request manually or enable auto-approval for streamlined processing. The feature increases engagement flexibility and buyer transparency and reduces the need for full upfront payments or rigid installment schedules.

November 2025 security roundup: leaks, ransomware, policing

🔍 In his November roundup, ESET Chief Security Evangelist Tony Anscombe highlights major cybersecurity developments that warrant attention. He draws attention to Wiz's finding that API keys, tokens and other sensitive credentials were exposed in repositories at several leading AI companies, and to a joint advisory revealing the Akira ransomware group's estimated $244 million takings. Tony also flags privacy concerns around X's new location feature, outlines how Australia intends to enforce a proposed under‑16 social media ban, and notes a Europol/Eurojust operation that disrupted malware families including Rhadamanthys.

RomCom Uses SocGholish to Deliver Mythic Agent to US Firms

🔒 Arctic Wolf Labs observed a targeted September 2025 campaign in which the Russia-aligned RomCom group used fake browser-update prompts to deliver the Mythic Agent implant via a classic SocGholish chain. Researchers say this is the first observed instance of RomCom pairing SocGholish initial access with a Mythic C2-based loader. The intrusion was stopped before impact, and Arctic Wolf published IOCs and mitigation guidance.

EU 'Chat Control' Shift Should Alarm Businesses Across Europe

⚠️ The EU Council's decision to frame communications scanning as voluntary is being presented as a retreat from plans to weaken end-to-end encryption, but privacy experts warn the danger persists. Campaigners including Patrick Breyer and European Digital Rights (EDRi) say this effectively privatizes Chat Control, enabling companies to deploy error-prone, warrantless client-side scanning. For enterprises and CISOs the main concern is data leakage: false positives could expose confidential documents, code, or strategic plans to outside authorities without corporate consent.

Amazon Connect links related contacts to cases using flows

🔗 Amazon Connect now lets agents link related contacts — including email replies, call transfers, persistent chats, and queued callbacks — to an existing case using configurable flows. By enabling follow-up contacts to attach automatically, Amazon Connect Cases removes the need for custom logic or manual linking and helps present a unified customer journey to agents. The capability is available in multiple AWS regions; see the Amazon Connect Cases documentation to get started.

Amazon Connect Adds Native Testing and Simulation Tools

🧪 Amazon Connect now includes native testing and simulation capabilities that let teams validate contact center workflows, voice self-service, and business conditions with just a few clicks. You can configure caller identity, customer profile, intent (for example “I need to check my order status”), expected responses, and scenarios such as after-hours or full queues. Tests return pass/fail outcomes, execution paths, and detailed logs, and multiple tests can run concurrently to accelerate validation at scale.

Threat Actors Abuse Calendar Subscriptions for Attacks

📅 New research from BitSight reveals that threat actors are exploiting third‑party calendar subscription mechanisms to inject malicious events and notifications directly into users' devices. Attackers are leveraging expired or hijacked domains to host deceptive .ics files and run large‑scale social engineering campaigns that can deliver phishing URLs, attachments, or code execution vectors. While this is not a vulnerability in Google Calendar or iCalendar, the findings expose a neglected security blind spot. Organizations and individuals should strengthen monitoring and protections around calendar subscriptions.

Microsoft Teams guest access can bypass Defender protections

⚠️ Researchers warn a cross-tenant blind spot in Microsoft Teams can allow attackers to sidestep Microsoft Defender for Office 365 when users accept guest access in another tenant. Protections follow the hosting tenant, not the user's home organization, enabling attackers to create protection-free malicious tenants using low-tier licenses. Organizations should restrict B2B invitations, enable cross-tenant access controls, and train users to reject unsolicited guest invites.

Amazon Connect adds message streaming for AI chats

💬 Amazon Connect now streams AI chat messages as they're generated, presenting progressive responses and status prompts such as 'One moment while I review your account.' This reduces perceived wait times and reassures customers that an AI agent is actively reasoning, invoking tools, and composing answers. The feature is available in ten AWS regions and can be integrated into existing contact flows and front-end components to improve conversational transparency and responsiveness.

Amazon Connect Agent Workspace Adds Custom Visual Themes

🎨 Amazon Connect now enables administrators to apply custom visual themes to the agent workspace, including logos, fonts, and color palettes tailored for both light and dark modes. Organizations can replace the default interface with a branded experience that aligns the workspace with other company applications, making it more familiar and intuitive for agents. A new header bar gives agents quick access to settings and their light/dark preference, which can help improve satisfaction and efficiency during long shifts.

Amazon Connect adds automated criteria for evaluations

🔍 Amazon Connect introduces configurable criteria to automatically select relevant contacts for performance evaluations, helping managers target specific interactions for review. Managers can specify attributes such as inbound contacts with no connectivity issues and agent department to trigger a chosen evaluation form. New metric-driven criteria — including agent call avoidance, contact handling efficiency, and audibility — can also automatically populate evaluation fields. This capability is available in all regions where Amazon Connect is offered.

Operator jailed for in-flight evil twin Wi-Fi attacks

🔒 An Australian man was sentenced to seven years and four months for operating an evil twin Wi-Fi network that targeted airline passengers and airport patrons in Perth, Melbourne and Adelaide. He deployed a WiFi Pineapple to clone legitimate SSIDs and present phishing captive portals that harvested social media credentials, then used those accounts to access victims' private messages and intimate images. Forensic analysis of seized devices recovered thousands of stolen images, videos, credentials and records of fraudulent Wi‑Fi pages.

Leak: OpenAI Tests Ads Inside ChatGPT App for Users

📝 OpenAI is internally testing an 'ads' feature in the ChatGPT Android beta that references bazaar content, search ad entries and a search ads carousel. The leak, spotted in build 1.2025.329, suggests ads may initially be confined to the search experience but could expand. Because the assistant retains rich context, any placements could be highly personalized unless users opt out. This development may signal a major shift in ChatGPT's monetization and the broader web advertising landscape.

Amazon Connect adds granular access controls for evaluations

🔐 Amazon Connect now offers granular access controls for performance evaluation forms, enabling administrators to restrict who can view, modify, or use specific evaluation templates. Managers can be granted template-specific edit or use permissions aligned to business lines or functions, while agents and managers can be prevented from viewing particular completed evaluations. This reduces the risk of unauthorized access and simplifies form selection during evaluations.

Three Black Friday Phishing Scams to Watch in 2025

📧 Darktrace warns of a major increase in Black Friday-themed phishing, reporting a 620% spike in the weeks before the 2025 sales and forecasting a further 20–30% rise during Black Friday week. The firm highlights three primary tactics: brand impersonation, fake marketing domains and generative AI-generated adverts. Amazon was the most impersonated brand, and other US retailers were also targeted. Consumers are advised to verify senders and avoid clicking suspicious links.

Making the Most of Multicloud: Strategy and Security

☁ IT leaders must align business goals, governance, and security to realize multicloud benefits while managing complexity. This report outlines five core challenges — including visibility, compliance, and developer productivity — and provides guidance on securing multicloud deployments. It also examines ROI strategies and a practical checklist to maximize value and efficiency.

Empathy-Driven IT Security: Path to Active Compliance

🔐 IT security often meets resistance when guidelines clash with everyday work pressures, causing employees to view measures as obstructive and to bypass them. The article advocates empathetic policy engineering: perform stakeholder analysis, design user-centered policies, and pilot changes with early adopters. Communicate with respect—use tactical empathy, collaborative 'help me to help you' dialogues, and realistic, scenario-based training to boost acceptance and embed secure practices.

Seven Security Practices That Should Be Retired Now

🔒 This article identifies seven security practices that have become obsolete in modern, cloud-first and hybrid workplaces. Contributors including Amit Basu, George Gerchow and others warn against relying on perimeter defenses, legacy VPNs, SMS-based 2FA and on-premises SIEMs, and caution about overreliance on EDR or compliance-only programs. It recommends shifting to Zero Trust, SASE, continuous monitoring and active security awareness to close visibility gaps and reduce risk.

Windows updates hide password icon on lock screen issue

🔒 Microsoft warned that updates to Windows 11 released since August may make the password sign‑in icon invisible on the lock screen for systems with multiple sign‑in options. The button remains functional — hovering over the blank space reveals the password control. The issue is tied to the non‑security preview KB5064081 and later releases on 24H2/25H2. Microsoft has provided no timeline for a fix and offers no workaround beyond the hover action.

Adopting Remote Privileged Access: The Shift to RPAM

🔒 Remote Privileged Access Management (RPAM) provides a cloud-native approach to securing privileged accounts beyond traditional perimeters, enabling administrators, contractors and third-party vendors to connect securely from any device or location. RPAM enforces least-privilege, Just-in-Time access and multi-factor authentication while recording detailed session logs without relying on VPNs. By supporting zero-trust principles and scalable deployments, RPAM reduces attack surface and streamlines compliance.

CSO Launches 'Smart Answers' AI Chatbot for Readers

🤖 Smart Answers is a generative AI chatbot embedded across CSO articles to help security professionals ask questions, discover content, and explore IT and leadership topics. The tool provides pre-made topic prompts, follow-up suggestions, and links to source articles and background material. It was developed with partner Miso.ai, uses only editorial content from the publisher's German-language brands, and flags when it cannot answer or relies on older (pre-2020) material.