AWS

Massive Cyber Attack on AWS: 230M Targets Scanned

Attackers exploited publicly accessible .env files containing sensitive credentials to gain unauthorized access to multiple cloud environments.  By leveraging exposed environment variables, long-lived credentials, and...

Critical AWS Vulnerabilities Allow Attackers to Perform Remote Code Execution

Researchers identified a new attack vector, "Shadow Resources," enabling resource squatting through predictable S3 bucket naming conventions. By leveraging "Bucket Monopoly," an attacker can significantly...

Weaponized AWS Packages Spreading Malware through Innocent-Looking JPEGs

Malicious actors published seemingly legitimate packages to the npm registry that contained malicious code hidden within image files. The code was executed during installation...

Attention AWS Users: Malicious npm Package Mimics Legitimate Tools

Malicious actors are increasingly targeting open-source public repositories with malware cloaked in legitimate packages, which frequently steals sensitive data or downloads more malware.  Security researchers...

Hackers Unleash 250 Fake npm Packages Imitating AWS & Microsoft Projects!

Malicious actors are exploiting the popularity of open-source projects by publishing over 250 booby-trapped npm packages, which masquerade as legitimate offerings from companies like...

Popular

Subscribe

spot_imgspot_img