In December 2022, security researchers at Sysdig uncovered real-world cases of privilege escalation via IAM misconfiguration. An attacker exploited an overlooked permission in an AWS environment, allowing them to modify IAM policies. By leveraging the ability to create new policy versions, they granted themselves full administrative access—bypassing intended security controls. This type of shadow IAM…
