News

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
ZDNet5y

Crypto-mining worm steals AWS credentials - ZDNET

TeamTNT has become the first crypto-minining botnet to include a feature that scans and steal AWS credentials.
Threat Post5y

AWS Cryptojacking Worm Spreads Through the Cloud - Threatpost

The malware harvests AWS credentials and installs Monero cryptominers. A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting ...

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
SecurityWeek12h

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Security Boulevard4d

Sandboxed to Compromised: New Research Exposes Credential Exfiltration Paths in AWS Code Interpreters

In my first article on Bedrock AgentCore Code Interpreters, I demonstrated that custom code interpreters can be coerced into performing AWS control plane actions by non-agentic identities. This ...
ZDNet4y

A crypto-mining botnet is now stealing Docker and AWS credentials

After if began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.
TechRadar8mon

AWS, Azure and Google Cloud credentials from old accounts ... - TechRadar

Pro AWS, Azure and Google Cloud credentials from old accounts are putting businesses at risk News By Efosa Udinmwen published December 15, 2024 ...