1. NASA PDS Lambda Security Gap: S3 get_object Missing Critical ExpectedBucketOwner Parameter
A critical security oversight has been identified in a NASA Planetary Data System (PDS) Lambda function, exposing a potential vector for confused deputy attacks. The function `pds-nucleus-s3-file-event-processor.py` is missing the `ExpectedBucketOwner` parameter in its S3 `get_object` call, a standard AWS security best...