Bleeping Computer

Popular Python and PHP libraries hijacked to steal AWS keys

PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. The ...
Dark Reading

8-Minute Access: AI Accelerates Breach of AWS Environment

Attackers used a combination of found credentials and artificial intelligence (AI) to gain administrative access to an Amazon Web Services (AWS) environment in less than 10 minutes. The incident ...
Bleeping Computer

PyPi python packages caught sending stolen AWS keys to unsecured sites

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...