The Register on MSN

A simple CodeBuild flaw put every AWS environment at risk – and pwned the central nervous system of the cloud

And it's 'not unique to AWS,' researcher tells The Reg A critical misconfiguration in AWS's CodeBuild service allowed ...

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild service exposed several AWS-managed GitHub repositories to ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Bleeping Computer

Cryptojacking worm steals AWS credentials from Docker systems

A cybercrime group known as TeamTNT is using a crypto-mining worm to steal plaintext AWS credentials and config files from compromised Docker and Kubernetes systems. TeamTNT's cryptocurrency mining ...
Infosecurity Magazine

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, ...
Yahoo

AWS customers hit by major cyberattack which then stored stolen credentials in plain sight

Misconfigured cloud instances have once again been abused to steal sensitive information such as login credentials, API keys, and more. This time around, the victims were countless Amazon Web Services ...
Bleeping Computer

Over 1,000 iOS apps found exposing hardcoded AWS credentials

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. Malicious ...
Threat Post

AWS Cryptojacking Worm Spreads Through the Cloud

The malware harvests AWS credentials and installs Monero cryptominers. A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting ...