Bleeping Computer

Popular Python and PHP libraries hijacked to steal AWS keys

PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. The ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Threat actors wielding stolen AWS Identity and Access Management (IAM) credentials leverage Amazon EC and EC2 infrastructure ...
CSOonline

AWS customers face massive breach amid alleged ShinyHunters regroup

Vulnerabilities and misconfiguration in a huge number of public-facing websites allowed the attackers to gain access to sensitive customer data used in AWS services. Terabytes of data belonging to ...
Dark Reading

Cybercrime Gangs Abscond With Thousands of Orgs' AWS Credentials

Cybercriminal gangs have exploited vulnerabilities in public websites to steal Amazon Web Services (AWS) cloud credentials and other data from thousands of organizations, in a mass cyber operation ...