Amazon Q Developer Flaw Let Attackers Steal AWS Credentials via Repos
CVE-2026-12957 and CVE-2026-12958 enabled code execution and AWS credential theft when developers opened malicious repositories. Patch auto-applied for most users.
8 articles tagged with "Aws"
CVE-2026-12957 and CVE-2026-12958 enabled code execution and AWS credential theft when developers opened malicious repositories. Patch auto-applied for most users.
Threat actor PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a hidden email relay network. Hunt.io and SentinelOne researchers expose the operation.
A fake Sicoob SDK on NuGet exfiltrated PFX certificates and banking credentials from Brazilian developers, while 14 malicious npm packages harvested AWS keys, Vault tokens, and CI/CD secrets.
Sysdig documents the first AI-agent-driven intrusion: attackers exploited Marimo CVE-2026-39987, then used an LLM agent to pivot through AWS and exfiltrate a PostgreSQL database in under an hour.
Hackers compromised the European Commission's Amazon cloud infrastructure, claiming to steal 350GB of data including employee databases. Investigation ongoing.
FulcrumSec threat actor exploits React2Shell vulnerability to breach LexisNexis AWS infrastructure, leaking 2GB of customer data including .gov email addresses and federal employee records.
SANS ISC documents phishing campaign using fabricated incident reports to steal MetaMask wallet credentials. Attackers host phishing pages on AWS S3.
Check Point researchers expose a sophisticated cloud-native malware framework designed from the ground up to target AWS, Azure, GCP, and containerized environments.