A significant cyber operation exploiting vulnerabilities in improperly configured public websites has been linked to the Nemesis and ShinyHunters hacking groups, exposing sensitive data, including ...

Cybercriminal gangs have exploited vulnerabilities in public websites to steal Amazon Web Services (AWS) cloud credentials and other data from thousands of organizations, in a mass cyber operation ...

AWS said in a statement to CRN that it completed an investigation into the security flaw and determined that it ‘is not a security issue, but rather expected behavior that falls within the trust ...

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious ...

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. Malicious ...

Russia's premiere advanced persistent threat group has been phishing thousands of targets in militaries, public authorities, and enterprises. "APT29 embodies the 'persistent' part of 'advanced ...

Datadog has admitted to becoming a victim of a data breach and has recommended that users immediately revoke and change their credentials. Datadog provides metrics for cloud providers across services, ...

Users of AI cloud services such as Amazon Bedrock are increasingly being targeted by attackers who abuse stolen credentials in a new attack dubbed LLMjacking. The black market for access to large ...

Security researchers have discovered a new vulnerability affecting command-line tools used in cloud environments. Dubbed “LeakyCLI” by the Orca Security team, the flaw exposes sensitive credentials in ...