Hackers Exploited Misconfigured AWS .env Files to Attack 110,000 Domains
The attackers exploited exposed environment variables in misconfigured AWS .env files to ransom data stored in S3 containers by everaging automation to efficiently target...
Massive Cyber Attack on AWS: 230M Targets Scanned
Attackers exploited publicly accessible .env files containing sensitive credentials to gain unauthorized access to multiple cloud environments.
By leveraging exposed environment variables, long-lived credentials, and...
Critical AWS Vulnerabilities Allow Attackers to Perform Remote Code Execution
Researchers identified a new attack vector, "Shadow Resources," enabling resource squatting through predictable S3 bucket naming conventions.
By leveraging "Bucket Monopoly," an attacker can significantly...
Weaponized AWS Packages Spreading Malware through Innocent-Looking JPEGs
Malicious actors published seemingly legitimate packages to the npm registry that contained malicious code hidden within image files. The code was executed during installation...
Attention AWS Users: Malicious npm Package Mimics Legitimate Tools
Malicious actors are increasingly targeting open-source public repositories with malware cloaked in legitimate packages, which frequently steals sensitive data or downloads more malware.
Security researchers...
