AWS Bedrock Tool Vulnerability Enables Data Exfiltration via DNS Leaks
Published 2026-03-25 | AI Regulation and Governance | High
Summary
A security vulnerability has been identified in AWS Bedrock's tool-use functionality that could allow attackers to exfiltrate sensitive data through DNS-based covert channels. The attack vector exploits how Bedrock agents handle tool calls, potentially enabling malicious actors to leak data from enterprise AI workloads by encoding information within DNS queries — a technique that can bypass many traditional network security controls. This vulnerability highlights the expanding attack surface in
Alignment: Reinforces current position
Related Positions: ai-governance-and-risk.md, agentic-workflows.md, ai-infrastructure-strategy.md
Tags: aws-bedrock, security-vulnerability, dns-exfiltration, agentic-ai-security, ai-governance, cloud-ai-infrastructure, tool-use, data-leakage, enterprise-ai-risk, agent-sandboxing