CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository

CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and passwords.
Dark Reading

Russia's APT29 Mimics AWS Domains to Steal Windows Credentials

Russia's premiere advanced persistent threat group has been phishing thousands of targets in militaries, public authorities, and enterprises. "APT29 embodies the 'persistent' part of 'advanced ...
CRN

AWS’ EKS Kubernetes ‘Critical Security’ Flaw Exposes Credentials, Says Trend Micro

AWS said in a statement to CRN that it completed an investigation into the security flaw and determined that it ‘is not a security issue, but rather expected behavior that falls within the trust ...
CSOonline

From credentials to cloud admin in 8 minutes: AI supercharges AWS attack chain

AI-assisted attackers weaponized exposed credentials and permissive roles to move from initial access to full AWS admin control in minutes. Threat actors tore through an Amazon Web Services ...