Amazon Web Services (AWS) Vendor Cyber Rating & Cyber Score

amazon.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

Launched in 2006, Amazon Web Services (AWS) began exposing key infrastructure services to businesses in the form of web services -- now widely known as cloud computing. The ultimate benefit of cloud computing, and AWS, is the ability to leverage a new business model and turn capital infrastructure expenses into variable costs. Businesses no longer need to plan and procure servers and other IT resources weeks or months in advance. Using AWS, businesses can take advantage of Amazon's expertise and economies of scale to access resources when their business needs them, delivering results faster and at a lower cost. Today, Amazon Web Services provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world. With data center locations in the U.S., Europe, Singapore, and Japan, customers across all industries are taking advantage of our low cost, elastic, open and flexible, secure platform.

Amazon Web Services (AWS) A.I CyberSecurity Scoring

AWS

Company Details

Linkedin ID:

amazon-web-services

Website:

http://aws.amazon.com

Employees number:

153,837

Number of followers:

10,600,547

NAICS:

5415

Industry Type:

IT Services and IT Consulting

Homepage:

amazon.com

IP Addresses:

2908

Company ID:

AMA_2359329

Scan Status:

In-progress

AI scoreAWS Risk Score (AI oriented)

Between 600 and 649

https://images.rankiteo.com/companyimages/amazon-web-services.jpeg
AWS IT Services and IT Consulting
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
Get a Score Increase
globalscoreAWS Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/amazon-web-services.jpeg
AWS IT Services and IT Consulting
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Amazon Web Services (AWS)

Poor
Current Score
621
Caa (Poor)
01000
26 incidents
-12.82 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

APRIL 2026
623
Vulnerability
02 Apr 2026 • Amazon and Starbucks: Starbucks Breach – Attacks Allegedly Claim 10GB of Stolen Source Code
ShadowByt3s Claims Major Starbucks Breach, Steals 10GB of Proprietary Code and Firmware

**ShadowByt3s Claims Major Starbucks Breach, Steals 10GB of Proprietary Code and Firmware** The threat group **ShadowByt3s** has claimed responsibility for a cyberattack on **Starbucks**, allegedly exfiltrating **10GB of proprietary source code and operational firmware** from a misconfigured **Amazon S3 bucket** named *sbux-assets*. The breach, part of a broader campaign targeting cloud vulnerabilities, was announced by a threat actor under the alias **BlackVortex1** on a dark web forum. The stolen data includes **highly sensitive operational technology** controlling Starbucks’ physical store machines, such as: - **Beverage dispenser firmware** for core systems like Siren System components and Blue Sparq motor boards. - **Mastrena II espresso machine software**, including touch-screen interface code and motor configurations. - **FreshBlends assets**, containing proprietary UI packages, ingredient ratios, and pricing logic for automated smoothie stations. Additionally, the breach reportedly compromises **internal web-based management tools**, including a centralized **"New Web UI"** for global machine oversight, an **inventory management portal (b4-inv)**, and **operational monitoring utilities** for technician diagnostics. ShadowByt3s has set an **extortion deadline of April 5, 2026, at 5:00 PM**, threatening to publicly release the full dataset if Starbucks does not comply with their ransom demands. The incident follows a **March 2026 phishing attack** that exposed **889 employee accounts**, though this latest breach focuses on **corporate infrastructure rather than personal data**. Cybersecurity monitoring platforms, including **VECERT**, have flagged the alleged leak as circulating on threat intelligence channels since **April 1, 2026**. The group claims to be actively scanning for and exploiting cloud misconfigurations to harvest sensitive corporate data.

621
critical -2
AMASTA1775118743
Incident Details -
Type
Data Breach, Extortion
Attack Vector
Misconfigured Amazon S3 bucket
Vulnerability Exploited
Cloud misconfiguration
Motivation
Extortion, Financial Gain
Impact
Data Compromised: 10GB of proprietary source code and operational firmware Beverage dispenser firmware Mastrena II espresso machine software FreshBlends assets Internal web-based management tools (New Web UI, b4-inv, operational monitoring utilities) Operational Impact: Potential disruption to physical store operations and global machine oversight Brand Reputation Impact: High
Data Breach
Proprietary source code Operational firmware Internal management tools Sensitivity Of Data: High Data Exfiltration: Yes Firmware files Source code UI packages Configuration files Personally Identifiable Information: No
Investigation Status
['Ongoing']
Initial Access Broker
Entry Point: Misconfigured Amazon S3 bucket (sbux-assets) High Value Targets: Proprietary operational technology and firmware
Post Incident Analysis
Root Causes: Cloud misconfiguration, potential phishing attack (March 2026)
References
Blog URL Source URL
APRIL 2026
625
Vulnerability
01 Apr 2026 • Trivy, Cisco, Salesforce, AWS and Aura: Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco Hit by Major Cyberattack Linked to Supply Chain Breach

**Cisco Hit by Major Cyberattack Linked to Supply Chain Breach** Cisco is responding to a significant cybersecurity incident after threat actors breached its internal development networks, stealing sensitive source code and corporate data. The attack, claimed by the hacking group **ShinyHunters**, also allegedly impacted **Salesforce, Aura, and AWS storage buckets**. The breach originated from a **supply chain attack** involving **Trivy**, a widely used vulnerability scanner. Attackers exploited a malicious **GitHub Action plugin** tied to the Trivy compromise, allowing them to steal credentials and infiltrate Cisco’s build environments. Once inside, they compromised **dozens of devices**, including lab workstations and developer systems, gaining access to highly sensitive data. The stolen material includes **AWS keys**, which were used to perform unauthorized actions in Cisco’s cloud accounts, and **over 300 private GitHub repositories**. These repositories contain **unreleased product source code**, including **AI Assistants and AI Defense technologies**, as well as data belonging to **corporate clients**, such as major banks, BPO firms, and U.S. government agencies. Cisco’s security teams including the **Unified Intelligence Center, CSIRT, and EOC** moved quickly to contain the breach by isolating affected systems, wiping compromised machines, and enforcing a **mass credential reset**. However, the company has not yet issued a public statement, and internal sources suggest **ongoing complications** from the incident. While **ShinyHunters** has taken credit for the data theft, security researchers link the underlying **Trivy supply chain attack** to **TeamPCP**, a separate group known for deploying **custom malware** ("TeamPCP Cloud Stealer") to hijack developer platforms like **Docker, NPM, and PyPi**. TeamPCP has also been tied to recent breaches of **LiteLLM and Checkmarx**, raising concerns about **secondary attacks** stemming from related vulnerabilities.

621
critical -4
AQUUSEAMASALCIS1775046662
Incident Details -
Type
Supply Chain Attack, Data Breach
Attack Vector
Malicious GitHub Action plugin (Trivy vulnerability scanner)
Vulnerability Exploited
Supply chain compromise (Trivy), credential theft
Impact
Data Compromised: AWS keys, over 300 private GitHub repositories (unreleased product source code, AI Assistants, AI Defense technologies, corporate client data) Systems Affected: Dozens of devices (lab workstations, developer systems, build environments) Operational Impact: Isolation of affected systems, mass credential reset, ongoing complications
Response
Containment Measures: Isolated affected systems, wiped compromised machines, mass credential reset Communication Strategy: No public statement issued yet
Data Breach
Source code Corporate data AWS keys AI technologies Client data Number Of Records Exposed: Over 300 private GitHub repositories Sensitivity Of Data: High (unreleased product source code, AI Assistants, AI Defense technologies, corporate client data)
Investigation Status
['Ongoing']
Initial Access Broker
Entry Point: Malicious GitHub Action plugin (Trivy supply chain compromise) High Value Targets: AWS keys, private GitHub repositories, developer systems
Post Incident Analysis
Root Causes: Supply chain attack (Trivy), credential theft, malicious GitHub Action plugin
References
Blog URL Source URL
MARCH 2026
657
Cyber Attack
24 Mar 2026 • European Commission: EU Commission web platform hit by cyber-attack on March 24
EU Commission’s Europa Web Platform Hit by Cyberattack, Data Likely Stolen

**EU Commission’s Europa Web Platform Hit by Cyberattack, Data Likely Stolen** On March 24, the European Commission confirmed a cyberattack targeting its cloud infrastructure hosting the **Europa web platform**, a key portal for EU communications and services. The incident, detected and contained swiftly, is under investigation, with early findings indicating that **data was exfiltrated** from affected websites. The Commission stated that **internal systems remained unaffected**, though it did not disclose the scope of the stolen data or attribute the attack to any group or individual. The breach follows a pattern of rising cyber threats against EU institutions, with no further details provided on potential motives or methods used. The attack was publicly disclosed on **March 27**, as the Commission continues to assess the full impact. No disruption to critical operations has been reported. The incident underscores ongoing vulnerabilities in public-sector digital infrastructure amid geopolitical tensions.

624
critical -33
EUR1774635987
Incident Details -
Type
Data Breach
Impact
Data Compromised: Yes Systems Affected: Europa web platform (cloud infrastructure) Operational Impact: No disruption to critical operations reported
Response
Incident Response Plan Activated: Yes Containment Measures: Swift containment
Data Breach
Data Exfiltration: Yes
Investigation Status
['Ongoing']
References
Blog URL Source URL
MARCH 2026
633
Vulnerability
23 Mar 2026 • Amazon, Pinecone, Salesforce, Microsoft, Redis, Amazon Aurora and Amazon Redshift: We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
AWS Bedrock AI Platform Exposed to Eight Critical Attack Vectors, Research Reveals

**AWS Bedrock AI Platform Exposed to Eight Critical Attack Vectors, Research Reveals** Amazon’s AWS Bedrock a platform enabling developers to build AI-powered applications by integrating foundation models with enterprise data and systems has been identified as a high-value target for attackers. Security researchers at XM Cyber uncovered eight validated attack vectors that exploit Bedrock’s connectivity to critical infrastructure, including Salesforce, Lambda functions, SharePoint, and vector databases. The vulnerabilities stem from misconfigured permissions and weak access controls, allowing attackers to manipulate logs, compromise knowledge bases, hijack AI agents, inject malicious workflows, degrade security guardrails, and poison prompts. Each vector begins with minimal privileges but can escalate to full system compromise. ### **Key Attack Vectors** 1. **Model Invocation Log Attacks** – Attackers can redirect or delete logs stored in S3 buckets, harvesting sensitive data or erasing forensic evidence. 2. **Knowledge Base Attacks (Data Source)** – By accessing S3, Salesforce, or SharePoint credentials, attackers bypass AI models to extract raw data or move laterally into Active Directory. 3. **Knowledge Base Attacks (Data Store)** – Compromised credentials for vector databases (Pinecone, Redis) or AWS-native stores (Aurora, Redshift) grant full access to structured enterprise data. 4. **Agent Attacks (Direct)** – Modifying agent prompts or attaching malicious executors enables unauthorized actions, such as database tampering or user creation. 5. **Agent Attacks (Indirect)** – Injecting malicious code into Lambda functions allows data exfiltration or model response manipulation. 6. **Flow Attacks** – Altering workflows to reroute data to attacker-controlled endpoints or bypassing authorization checks via modified condition nodes. 7. **Guardrail Attacks** – Weakening or removing content filters increases susceptibility to prompt injection and toxic output generation. 8. **Managed Prompt Attacks** – Modifying centralized prompt templates enables mass-scale data exfiltration or harmful content generation without detection. ### **Impact & Implications** The research highlights that attackers target Bedrock’s integrations rather than the AI models themselves. A single over-privileged identity can redirect logs, hijack agents, or access on-premises systems. Security teams must map attack paths across cloud and hybrid environments while enforcing strict permission controls to mitigate risks. The findings underscore the need for comprehensive visibility into AI workloads and their associated permissions to prevent exploitation. Full technical details, including architectural diagrams, are available in XM Cyber’s research report.

624
critical -9
SALAMAMICPINRED1774269319
Incident Details -
Type
Misconfiguration, Privilege Escalation, Data Exfiltration, AI Security
Attack Vector
Model Invocation Log Attacks Knowledge Base Attacks (Data Source) Knowledge Base Attacks (Data Store) Agent Attacks (Direct) Agent Attacks (Indirect) Flow Attacks Guardrail Attacks Managed Prompt Attacks
Vulnerability Exploited
Misconfigured permissions, weak access controls, over-privileged identities
Impact
Data Compromised: Sensitive data in logs, raw enterprise data, structured data in vector databases, AI model responses Systems Affected: AWS Bedrock, S3 buckets, Salesforce, Lambda functions, SharePoint, vector databases (Pinecone, Redis), Aurora, Redshift, Active Directory Operational Impact: Unauthorized actions (e.g., database tampering, user creation), data exfiltration, model response manipulation, bypassing authorization checks Brand Reputation Impact: Potential reputational damage due to AI security vulnerabilities and data exposure Identity Theft Risk: High (due to access to personally identifiable information and sensitive data)
Response
Remediation Measures: Enforce strict permission controls, map attack paths across cloud and hybrid environments, enhance visibility into AI workloads and associated permissions Enhanced Monitoring: Recommended to prevent exploitation
Data Breach
Logs (sensitive data) Raw enterprise data Structured data (vector databases) AI model responses Credentials (S3, Salesforce, SharePoint, etc.) Sensitivity Of Data: High (personally identifiable information, enterprise data, AI training data) Data Exfiltration: Possible via malicious workflows, Lambda functions, or attacker-controlled endpoints Personally Identifiable Information: Likely (due to access to logs, databases, and enterprise systems)
Lessons Learned
Attackers target AI platform integrations rather than the models themselves. Over-privileged identities can lead to full system compromise. Comprehensive visibility into AI workloads and permissions is critical for security.
Recommendations
Enforce strict permission controls and least-privilege access for AI workloads Map attack paths across cloud and hybrid environments to identify risks Enhance monitoring and visibility into AI workloads and associated permissions Regularly audit and update security configurations for AI platforms and integrations
Investigation Status
['Research Findings Published']
Stakeholder Advisories
Security teams advised to review AWS Bedrock configurations and enforce strict permission controls
Post Incident Analysis
Root Causes: Misconfigured permissions, weak access controls, over-privileged identities, lack of visibility into AI workloads Corrective Actions: Enforce least-privilege access, map attack paths, enhance monitoring, audit security configurations
References
Blog URL Source URL
MARCH 2026
634
Vulnerability
16 Mar 2026 • Amazon Web Services: Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter
AWS Bedrock Vulnerability Exposes Sensitive Data via DNS Exfiltration

**AWS Bedrock Vulnerability Exposes Sensitive Data via DNS Exfiltration** Cybersecurity researchers at **Phantom Labs** (the research arm of **BeyondTrust**) uncovered a critical flaw in **AWS Bedrock’s AgentCore Code Interpreter**, a tool enabling AI chatbots to execute code for tasks like data analysis. The vulnerability, discovered by lead researcher **Kinnaird McQuade**, allowed attackers to bypass AWS’s **Sandbox mode** designed to isolate AI-generated code from external networks and exfiltrate sensitive data via **DNS queries**. ### **The Exploit: DNS as a Covert Channel** While Sandbox mode blocks most outbound traffic, it permits **DNS requests (A and AAAA records)**, which attackers exploited to smuggle data. Researchers demonstrated a **proof-of-concept (PoC) command-and-control channel**, encoding stolen information in **chunked ASCII within DNS subdomains** and establishing a two-way communication path with the isolated AI. This method effectively circumvented AWS’s security controls, even in supposedly air-gapped environments. ### **AWS’s Response: A Failed Fix and Documentation Update** Phantom Labs disclosed the flaw to AWS in **September 2025**, prompting an initial patch in **November 2025**. However, AWS **withdrew the fix two weeks later** due to technical issues and, by **December 2025**, opted against a new patch. Instead, AWS updated its documentation to warn users of the risk, assigning the vulnerability a **high-severity score of 7.5/10**. As part of responsible disclosure, McQuade received a **$100 AWS gift card** for the finding. ### **Broader Risks: AI Manipulation and Supply Chain Threats** The vulnerability highlights multiple attack vectors: - **Prompt injection**: Malicious inputs could trick AI into executing unauthorized code. - **Supply chain attacks**: The Code Interpreter relies on **270+ third-party libraries** (e.g., *pandas*, *numpy*), any of which could be compromised to create backdoors. - **Overprivileged access**: AI tools often have broad permissions to **Amazon S3 storage** and **Secrets Manager**, enabling attackers to extract passwords, customer data, or even **delete infrastructure** if the DNS leak is exploited. ### **Industry Reactions and Mitigation Strategies** Security experts criticized AWS’s reliance on **perimeter-based controls**, noting that AI environments require deeper safeguards. **Ram Varadarajan (CEO, Acalvio)** argued that traditional defenses fail against AI-driven threats, advocating for **deception-based security** such as **honey IAM credentials** and **DNS sinkholes** to detect malicious activity. **Jason Soroko (Senior Fellow, Sectigo)** emphasized the urgency of **proactive measures**, given AWS’s decision to address the flaw through documentation rather than a patch. He recommended: - **Migrating critical AgentCore instances from Sandbox to VPC mode** for stricter network isolation. - **Enforcing least-privilege IAM roles** to limit AI tool permissions. The incident underscores the growing risks of **AI-powered code execution**, where even sandboxed environments may harbor exploitable gaps.

633
critical -1
AMA1773707045
Incident Details -
Type
Data Exfiltration
Attack Vector
DNS Exfiltration
Vulnerability Exploited
AWS Bedrock’s AgentCore Code Interpreter Sandbox Bypass
Impact
Data Compromised: Sensitive data (e.g., passwords, customer data, Amazon S3 storage, Secrets Manager) Systems Affected: AWS Bedrock’s AgentCore Code Interpreter Operational Impact: Potential unauthorized code execution, data exfiltration, and infrastructure deletion Brand Reputation Impact: Potential reputational damage due to security flaw disclosure Identity Theft Risk: High (if personally identifiable information was exposed)
Response
Containment Measures: AWS initially patched the flaw in November 2025 but withdrew the fix in December 2025. Updated documentation to warn users of the risk. Remediation Measures: AWS opted for documentation updates instead of a new patch. Recommended mitigations include migrating to VPC mode and enforcing least-privilege IAM roles. Communication Strategy: Public disclosure by Phantom Labs and AWS documentation update Network Segmentation: Recommended migration from Sandbox to VPC mode for stricter isolation Enhanced Monitoring: Recommended use of DNS sinkholes and deception-based security
Data Breach
Passwords Customer data Amazon S3 storage data Secrets Manager data Sensitivity Of Data: High Data Exfiltration: Yes (via DNS queries) Personally Identifiable Information: Potential (if targeted)
Lessons Learned
AI-powered code execution environments require deeper safeguards beyond perimeter-based controls. Traditional defenses may fail against AI-driven threats, necessitating proactive measures like deception-based security and least-privilege access.
Recommendations
Migrate critical AgentCore instances from Sandbox to VPC mode for stricter network isolation. Enforce least-privilege IAM roles to limit AI tool permissions. Implement deception-based security (e.g., honey IAM credentials, DNS sinkholes). Monitor third-party libraries for supply chain attacks. Enhance monitoring for DNS-based exfiltration attempts.
Investigation Status
['Publicly disclosed, no active patch']
Stakeholder Advisories
AWS updated documentation to warn users of the risk. Security experts recommend proactive mitigations.
Post Incident Analysis
Root Causes: Insufficient isolation in AWS Bedrock’s Sandbox mode, permitting DNS-based exfiltration. Overprivileged AI tool access and reliance on third-party libraries. Corrective Actions: AWS chose documentation updates over a patch. Recommended actions include VPC migration, least-privilege IAM roles, and deception-based security.
References
Blog URL Source URL
MARCH 2026
667
Cyber Attack
08 Mar 2026 • GitHub, NPM, Google and AWS: 83% of Cloud Breaches Start with Identity. AI Agents are About to Make it Worse.
Google’s Cloud Threat Horizons Report: Accelerating Cyber Threats and Flawed Defenses

**Google’s Cloud Threat Horizons Report Reveals Accelerating Cyber Threats and Flawed Defenses** Google’s *H1 2026 Cloud Threat Horizons Report*, compiled by the Google Threat Intelligence Group, Mandiant Incident Response, and the Office of the CISO, highlights a rapidly evolving threat landscape that outpaces traditional security measures. The report identifies three critical vulnerabilities in enterprise defenses: unchecked identity sprawl, weaponized AI tools, and collapsing exploitation windows all demanding a fundamental shift in security architecture. ### **Identity Failures: The Unresolved Crisis Expands** For years, stolen credentials and phishing have dominated breach vectors, yet organizations continue to overprovision access prioritizing operational convenience over security. Google’s data reveals that **83% of cloud intrusions in H2 2025 stemmed from identity compromise**, but the real concern lies in *where* these failures occur. Two incidents illustrate the shift: - **UNC4899 (North Korean actors)** exploited unconstrained CI/CD service accounts in Kubernetes, bypassing human oversight entirely. - **UNC6426** leveraged a compromised GitHub token to escalate to full AWS admin access within **72 hours**, demonstrating how non-human identities service accounts, OIDC roles, and long-lived tokens now drive attacks. The proliferation of AI agents, which authenticate autonomously and traverse environments at machine speed, risks repeating these mistakes at an unprecedented scale. ### **AI as an Attacker’s Reconnaissance Tool** The **QUIETVAULT** credential stealer, embedded in a malicious NPM package, didn’t just exfiltrate tokens it **hijacked the victim’s local LLM** to scan for sensitive files (.env, .conf, .log) before extracting credentials. The attacker didn’t need to deploy new malware; the developer’s trusted AI-assisted environment became an automated reconnaissance engine, invisible to traditional endpoint detection. Most organizations lack visibility into LLM process execution, let alone policies to detect anomalous activity. ### **Exploitation Windows Collapse to Days** In H2 2025, threat actors deployed cryptocurrency miners **within 48 hours** of a critical CVE’s disclosure. Software-based initial access vectors surged from **2.9% to 44.5% of incidents** in six months, shrinking the window between vulnerability disclosure and mass exploitation from weeks to days. Manual patching, access reviews, and incident triage are now obsolete Google’s automated forensic pipeline reduced cloud compromise investigations from days to **under 60 minutes**, proving that human-speed responses are no longer viable. ### **The Case for AI-Native Security** The report argues that **bolting AI onto legacy security tools is insufficient**. Instead, enterprises need **AI-native security architectures** designed for: - **Identity governance** that accounts for autonomous AI agents, not just human users. - **Threat detection** that treats LLM activity as a primary signal. - **Automated response pipelines** where human judgment intervenes only for critical decisions, not as a bottleneck. Adversaries already operate at machine speed, exploiting ungoverned identities and weaponizing AI. Organizations delaying this shift are making a **present-tense risk decision** one the data shows is already being exploited.

659
critical -8
GOOAMANPMGIT1773319158
Incident Details -
Type
Identity Compromise AI Weaponization Software Exploitation
Attack Vector
Stolen Credentials Phishing Malicious NPM Packages Exploited CVEs
Vulnerability Exploited
Unconstrained CI/CD Service Accounts Compromised GitHub Tokens Critical CVEs
Motivation
Financial Gain (Cryptocurrency Mining) Data Exfiltration Espionage
Impact
Credentials Sensitive Files (.env, .conf, .log) Personally Identifiable Information Kubernetes AWS GitHub LLM Environments Operational Impact: Bypassed human oversight; automated reconnaissance and exploitation Identity Theft Risk: High
Response
Automated Forensic Pipelines AI-Native Security Architectures LLM Activity Monitoring Automated Threat Detection
Data Breach
Credentials Sensitive Configuration Files Logs Sensitivity Of Data: High Data Exfiltration: Yes .env .conf .log Personally Identifiable Information: Yes
Lessons Learned
Traditional security measures are insufficient against machine-speed threats. Enterprises must adopt AI-native security architectures, govern autonomous AI agents, and automate response pipelines to keep pace with adversaries.
Recommendations
Implement identity governance for autonomous AI agents. Monitor LLM activity as a primary threat signal. Deploy automated forensic and response pipelines. Shift to AI-native security architectures.
Investigation Status
['Ongoing']
Initial Access Broker
CI/CD Service Accounts GitHub Tokens Malicious NPM Packages AWS Admin Access Kubernetes Environments
Post Incident Analysis
Unchecked identity sprawl (overprovisioned access). Weaponized AI tools (LLM hijacking for reconnaissance). Collapsing exploitation windows (rapid CVE exploitation). Adopt AI-native security architectures. Automate identity governance and threat detection. Reduce reliance on human-speed responses.
References
Blog URL Source URL
MARCH 2026
668
Vulnerability
06 Mar 2026 • Amazon: Amazon AWS-LC Vulnerability Allows Attackers to Bypass Certificate Chain Verification
AWS-LC Cryptographic Library Flaws Expose Certificate and Signature Validation Risks

**AWS-LC Cryptographic Library Flaws Expose Certificate and Signature Validation Risks** Amazon has disclosed three critical vulnerabilities in **AWS-LC**, its open-source cryptographic library, which could allow attackers to bypass certificate and signature validation or exploit timing side-channel leaks. The flaws tracked as **CVE-2026-3336, CVE-2026-3337, and CVE-2026-3338** affect AWS-LC, *aws-lc-sys*, and *aws-lc-sys-fips* packages used in AWS services and third-party integrations for secure communications. ### **Key Vulnerabilities and Impact** 1. **Certificate Chain & Signature Validation Bypasses (CVE-2026-3336, CVE-2026-3338)** - **CVE-2026-3336**: A flaw in the `PKCS7_verify()` function fails to properly validate certificate chains in PKCS7 objects with multiple signers, allowing attackers to bypass validation for all but the final signer. This could enable trust in unverified or malicious certificates. - **CVE-2026-3338**: Improper handling of **Authenticated Attributes** in PKCS7 objects permits signature bypass, making tampered or unsigned data appear legitimate. Both vulnerabilities affect **AWS-LC v1.41.0–v1.68.x** and *aws-lc-sys v0.24.0–v0.37.x*, risking man-in-the-middle or data tampering attacks in environments relying on digital signatures or certificate validation. 2. **Timing Side-Channel in AES-CCM (CVE-2026-3337)** - Subtle timing variations during AES-CCM decryption could leak authentication tag validity, potentially allowing attackers to infer cryptographic state or brute-force tags. This affects **AWS-LC v1.21.0–v1.68.x**, **AWS-LC-FIPS 3.0.0–3.1.x**, and corresponding *aws-lc-sys* modules. While no public exploits exist, successful exploitation could lead to key exposure or message forgery under controlled conditions. ### **Mitigation and Fixes** Amazon has released patches in: - **AWS-LC v1.69.0** - **AWS-LC-FIPS v3.2** - *aws-lc-sys v0.38.0* - *aws-lc-sys-fips v0.13.12* For **CVE-2026-3337**, a temporary workaround involves replacing specific AES-CCM configurations (e.g., `M=4, L=2`) with alternative EVP AEAD API implementations. However, AWS strongly recommends **immediate upgrades**, as no other mitigations exist for the certificate/signature bypass flaws. The **AISLE Research Team** was credited for discovering **CVE-2026-3336** and **CVE-2026-3337** through coordinated disclosure. Technical details are available via AWS Security Advisories on GitHub and the respective CVE entries.

667
critical -1
AMA1772792723
Incident Details -
Type
Cryptographic Vulnerability Certificate Validation Bypass Signature Validation Bypass Timing Side-Channel
Attack Vector
Exploitation of cryptographic library flaws Man-in-the-middle attacks Data tampering
Vulnerability Exploited
CVE-2026-3336 CVE-2026-3337 CVE-2026-3338
Impact
Certificate validation bypass Signature validation bypass Potential cryptographic key exposure AWS-LC v1.41.0–v1.68.x aws-lc-sys v0.24.0–v0.37.x AWS-LC-FIPS 3.0.0–3.1.x aws-lc-sys-fips Risk of man-in-the-middle attacks Data tampering Potential message forgery Brand Reputation Impact: Potential erosion of trust in AWS cryptographic security
Response
Patches released for AWS-LC v1.69.0, AWS-LC-FIPS v3.2, aws-lc-sys v0.38.0, aws-lc-sys-fips v0.13.12 Immediate upgrades to patched versions Replacement of specific AES-CCM configurations as a temporary workaround AWS Security Advisories on GitHub CVE entries
Data Breach
Potential compromise of AES-CCM encryption
Recommendations
Immediate upgrade to patched versions of AWS-LC and related packages Review and replace vulnerable AES-CCM configurations if upgrades are not feasible
Post Incident Analysis
Flaws in PKCS7_verify() function Improper handling of Authenticated Attributes in PKCS7 objects Timing variations in AES-CCM decryption Patching vulnerabilities in AWS-LC Enhanced validation mechanisms for certificate and signature verification
References
Blog URL Source URL
MARCH 2026
676
Cyber Attack
04 Mar 2026 • Amazon: What to Expect from Iran’s Digital Counterstrike
Iran’s Cyber Retaliation Following U.S.-Israel Bombing Campaign

**Iran’s Cyber Retaliation Expected as Middle East Conflict Escalates** Following a U.S.-Israel bombing campaign in Iran that eliminated key political and military leaders, the region has entered a phase of heightened kinetic and cyber warfare. Iran, recognized as one of the world’s most aggressive cyber actors, is now reconstituting its disrupted command structure to launch retaliatory digital attacks. Initial strikes damaged Amazon cloud facilities in the UAE and Bahrain via drones, while Iran-aligned hacking groups have already conducted limited cyber operations. However, the decapitation of Iran’s Supreme Leader, Islamic Revolutionary Guard Corps (IRGC), and Ministry of Intelligence and Security (MOIS) leadership temporarily fractured coordination, delaying large-scale cyber campaigns. Analysts anticipate a surge in destructive attacks in the coming days as Iran’s cyber forces regroup. Unlike typical cyber operations focused on espionage or financial gain, these strikes will prioritize maximum disruption compromising, corrupting, or destroying systems rather than stealing data. Primary targets include critical infrastructure in Western and allied Arab nations, such as energy grids, transportation, communications, finance, and healthcare sectors largely managed by private entities. Secondary attacks will adopt a "digital carpet-bombing" approach, indiscriminately hitting organizations to amplify fear and economic strain. Misinformation campaigns may follow but are expected to lag behind immediate destructive efforts. While Iran’s cyber arsenal lacks the sophistication to cripple major Western infrastructure simultaneously, smaller nations may face severe disruptions requiring international recovery support. The coming weeks are likely to see intensified cyber activity as Iran deploys its full offensive capabilities in response to the conflict.

668
critical -8
AMA1772678135
Incident Details -
Type
Cyber Warfare, Destructive Attack
Attack Vector
Drones (physical), Cyber Operations (digital)
Motivation
Retaliation for U.S.-Israel bombing campaign, Geopolitical conflict, Disruption of critical infrastructure
Impact
Systems Affected: Energy grids, Transportation, Communications, Finance, Healthcare, Cloud facilities (Amazon) Operational Impact: Severe disruptions in smaller nations, potential international recovery support required
Data Breach
Data Exfiltration: Not prioritized (focus on destruction)
Post Incident Analysis
Root Causes: Geopolitical conflict, Retaliation for military strikes
References
Blog URL Source URL
MARCH 2026
709
Breach
03 Mar 2026 • RELX Group and LexisNexis Legal & Professional: LexisNexis Data Breach — Threat Actor Allegedly Claims 2.04 GB Stolen
FulcrumSec Claims Breach of LexisNexis, Exposing 2GB of Sensitive Legal Data

**FulcrumSec Claims Breach of LexisNexis, Exposing 2GB of Sensitive Legal Data** On March 3, 2026, the threat actor **FulcrumSec** publicly took responsibility for a breach of **LexisNexis Legal & Professional**, a division of RELX Group, alleging the theft of **2.04 GB of structured data** from the company’s **AWS cloud infrastructure**. The attack, which began on **February 24**, exploited the **React2Shell vulnerability** in an unpatched **React frontend application** a flaw reportedly left unaddressed for months. FulcrumSec gained access via the compromised **LawfirmsStoreECSTaskRole ECS task container**, which had broad permissions, including read access to: - **Production Redshift data warehouse** - **17 VPC databases** - **AWS Secrets Manager** - **Qualtrics survey platform** The actor criticized LexisNexis’s security practices, highlighting that the **RDS master password was set to "Lexis1234"** and that a single task role had access to **all AWS Secrets Manager entries**, including production database credentials. **Exposed Data Includes:** - **3.9 million database records** - **400,000 cloud user profiles** (names, emails, phone numbers, job functions) - **21,042 enterprise customer accounts** - **45 employee password hashes** - **118 .gov email accounts** (federal judges, DOJ attorneys, U.S. SEC staff, and court law clerks) - **53 plaintext AWS Secrets Manager secrets** - **Complete VPC infrastructure map** FulcrumSec clarified that this breach is **unrelated to the December 2024 GitHub incident**, where attackers stole **Social Security numbers of 364,000 individuals** via a third-party development platform. The repeated compromises raise concerns about **systemic security gaps** in one of the world’s largest legal data repositories.

668
critical -41
RELLEX1772562253
Incident Details -
Type
Data Breach
Attack Vector
Exploitation of unpatched vulnerability (React2Shell)
Vulnerability Exploited
React2Shell vulnerability in React frontend application
Impact
Data Compromised: 2.04 GB of structured data AWS cloud infrastructure Production Redshift data warehouse 17 VPC databases AWS Secrets Manager Qualtrics survey platform Brand Reputation Impact: Systemic security gaps concerns Identity Theft Risk: High (exposure of PII, .gov email accounts, and password hashes)
Data Breach
Database records Cloud user profiles Enterprise customer accounts Employee password hashes Government email accounts AWS Secrets Manager secrets VPC infrastructure map Number Of Records Exposed: 3.9 million database records, 400,000 cloud user profiles Sensitivity Of Data: High (PII, .gov accounts, plaintext secrets, password hashes) Data Exfiltration: 2.04 GB of data stolen Personally Identifiable Information: Names, emails, phone numbers, job functions, .gov email accounts
Initial Access Broker
Entry Point: LawfirmsStoreECSTaskRole ECS task container
Post Incident Analysis
Unpatched React2Shell vulnerability Over-permissive ECS task role Weak RDS master password (Lexis1234) Single task role with access to all AWS Secrets Manager entries
References
Blog URL Source URL
MARCH 2026
709
Breach
01 Mar 2026 • European Commission: European Commission investigating breach after Amazon cloud account hack
EU Commission Cloud Breach: Threat Actor Steals 350GB of Data

**EU Commission Investigates Cloud Breach After Threat Actor Steals 350GB of Data** The European Commission is probing a security breach after a threat actor infiltrated its Amazon cloud infrastructure, gaining access to sensitive employee data. While the EU’s executive body has not publicly acknowledged the incident, sources confirmed to *BleepingComputer* that at least one account managing the compromised cloud environment was affected. The attack was swiftly detected, prompting the Commission’s cybersecurity incident response team to launch an investigation. The threat actor, who claimed responsibility, told *BleepingComputer* they exfiltrated over 350GB of data including multiple databases and provided screenshots as proof of access to employee information and an internal email server. Unlike typical ransomware attacks, the actor stated they have no plans to extort the Commission but intend to leak the data online at a later date. This breach follows a separate incident in January, when the Commission disclosed a hack of its mobile device management platform, linked to vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software. Similar attacks targeted other European institutions, including Finland’s Valtori and the Dutch Data Protection Authority. The incidents coincide with heightened cybersecurity concerns in the EU. In January, the Commission proposed new legislation to bolster defenses against state-backed cyber threats, while the Council of the European Union recently sanctioned three Chinese and Iranian firms for cyberattacks on critical infrastructure.

709
critical -0
EUR1774628727
Incident Details -
Type
Data Breach
Attack Vector
Cloud Infrastructure Compromise
Motivation
Data Exfiltration (Non-Ransomware)
Impact
Data Compromised: 350GB of data, including databases and employee information Systems Affected: Amazon cloud infrastructure, internal email server Brand Reputation Impact: Potential reputational damage to the European Commission Identity Theft Risk: High (employee data exposed)
Response
Incident Response Plan Activated: Yes Communication Strategy: Limited public acknowledgment
Data Breach
Databases Employee information Internal email server data Sensitivity Of Data: High (employee data, internal communications) Data Exfiltration: Yes (350GB exfiltrated) Personally Identifiable Information: Yes
Investigation Status
['Ongoing']
References
Blog URL Source URL
FEBRUARY 2026
706
JANUARY 2026
703
DECEMBER 2025
710
Cyber Attack
26 Dec 2025 • Oracle Cloud, Azure and AWS: TeamPCP Turns Cloud Infrastructure into Crime Bots
TeamPCP Exploits Cloud Misconfigurations in Large-Scale Cybercrime Operation

**TeamPCP Exploits Cloud Misconfigurations in Large-Scale Cybercrime Operation** A threat actor known as **TeamPCP** (also operating under aliases like **PCPcat** and **ShellForce**) is conducting automated, worm-like attacks on misconfigured and exposed cloud management services, compromising at least **60,000 servers worldwide** since late December. The group’s campaign primarily targets **Azure (60% of attacks), AWS (37%), and Google and Oracle cloud environments**, exploiting well-documented vulnerabilities and misconfigurations rather than developing new attack methods. TeamPCP’s operations involve scanning for exposed **Docker APIs, Kubernetes clusters, Ray dashboards, and systems with leaked secrets** (such as `.env` files). Once inside, the group deploys malicious **Python and Shell scripts** to install proxies, tunneling software, and persistence mechanisms, effectively converting compromised infrastructure into a **self-propagating botnet**. A key tool in their arsenal is the **React2Shell vulnerability (CVE-2025-29927)**, which allows remote command execution and data exfiltration. The group monetizes its attacks through multiple revenue streams, including: - **Cryptocurrency mining** using hijacked compute resources. - **Data theft and extortion**, with stolen records including **personal IDs, employment records, and résumés** published on a leak site operated by an affiliate, **ShellForce**. - **Selling access** to compromised systems for use as proxies or command-and-control infrastructure. - **Ransomware deployment**, leveraging infected systems as launchpads for further attacks. Notably, TeamPCP has targeted **JobsGO**, a Vietnamese recruitment platform, exfiltrating **over two million records** containing sensitive personal and professional data. Most victims are located in **South Korea, Canada, the U.S., Serbia, and the UAE**, with stolen information often used for **phishing, impersonation, or account takeovers**. Despite its sophistication, TeamPCP’s techniques are **not novel** the group relies on **automated exploitation of known vulnerabilities** and recycled tooling. Security firm **Flare** warns that the threat actor’s strength lies in its **large-scale automation**, turning exposed cloud infrastructure into a **distributed criminal ecosystem**. The group also maintains a **Telegram channel** (launched in November, with ~700 members) for updates and reputation-building, though researchers suggest it may have operated under previous aliases. The campaign underscores the risks of **unsecured cloud control planes, leaked credentials, and poor access controls**, as TeamPCP continues to industrialize existing attack vectors with alarming efficiency.

702
critical -8
AMAORAMIC1770695748
Incident Details -
Type
Cloud Misconfiguration Exploitation Botnet Data Theft Ransomware
Attack Vector
Exposed Docker APIs Kubernetes clusters Ray dashboards Leaked secrets (.env files) React2Shell vulnerability (CVE-2025-29927)
Vulnerability Exploited
CVE-2025-29927 (React2Shell) Cloud misconfigurations Leaked credentials
Motivation
Financial gain Data extortion Cryptocurrency mining Selling access to compromised systems
Impact
Data Compromised: Over two million records (personal IDs, employment records, résumés) Systems Affected: 60,000+ servers worldwide Operational Impact: Compromised infrastructure converted into a botnet for further attacks Identity Theft Risk: High (personal and professional data used for phishing, impersonation, or account takeovers)
Response
Third Party Assistance: Flare (security firm)
Data Breach
Personal IDs Employment records Résumés Number Of Records Exposed: Over two million Sensitivity Of Data: High (personally identifiable and professional information)
Lessons Learned
The incident underscores the risks of unsecured cloud control planes, leaked credentials, and poor access controls, highlighting the need for robust cloud security practices.
Recommendations
Secure exposed Docker APIs, Kubernetes clusters, and Ray dashboards Implement strict access controls and secrets management Monitor for leaked credentials and misconfigurations Enhance detection of automated exploitation attempts Segment cloud networks to limit lateral movement
Initial Access Broker
Exposed Docker APIs Kubernetes clusters Ray dashboards Leaked secrets
Post Incident Analysis
Cloud misconfigurations Exposed management services Leaked credentials
References
Blog URL Source URL
DECEMBER 2025
716
Cyber Attack
01 Dec 2025 • Alibaba Cloud, Tencent Cloud, AWS, Microsoft Azure, LangFlow and NVIDIA: VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
VoidLink Malware Framework Exposes Critical Gaps in Kubernetes and AI Workload Security

**VoidLink Malware Framework Exposes Critical Gaps in Kubernetes and AI Workload Security** In December 2025, Check Point Research disclosed *VoidLink*, a sophisticated Linux malware framework designed to infiltrate cloud-native and AI workloads, marking a shift in how threat actors target modern infrastructure. Developed by the previously unknown advanced persistent threat (APT) group *UAT-9921* active since at least 2019 VoidLink is purpose-built for stealthy, long-term persistence in containerized and Kubernetes environments, rather than repurposed from legacy Windows tooling. The malware employs advanced evasion techniques, including rootkit-style tactics, in-memory execution, self-modifying code, and anti-analysis checks to remain fileless and undetectable by traditional security tools. It fingerprints its environment to identify major cloud providers (AWS, GCP, Azure, Alibaba, Tencent) and adapts its behavior based on whether it runs on bare metal, VMs, Docker containers, or Kubernetes pods. Once deployed typically via stolen credentials or exploited enterprise services like Java serialization flaws VoidLink harvests cloud metadata, credentials, and secrets, enabling command-and-control (C2), lateral movement, and internal reconnaissance. Cisco Talos highlighted VoidLink’s *compile-on-demand* capability, describing it as a near-production-ready foundation for AI-enabled attack frameworks that dynamically generate tools for operators. The framework’s design, deemed "defense contractor-grade," underscores a broader trend: adversaries are increasingly focusing on Kubernetes, microservices, and AI workloads as primary attack surfaces. Recent campaigns reflect this evolution. *ShadowRay 2.0* and the *TeamPCP worm* have weaponized AI infrastructure, hijacking GPU clusters and Kubernetes environments to create self-propagating botnets using LLM-generated payloads and privileged DaemonSets. Meanwhile, container escape vulnerabilities like *NVIDIAScape* (CVE-2025-23266) demonstrated how minor Dockerfile misconfigurations could grant host-level root access, with researchers estimating exposure in over a third of cloud environments. The AI supply chain is also under siege, with threats ranging from *LangFlow RCE* enabling remote code execution and account takeovers to malicious Keras models executing arbitrary code when loaded from public repositories. Security researchers have identified nearly 100 poisoned machine-learning models on trusted platforms, revealing how even "safe" AI assets can conceal backdoors. Industry data underscores the urgency: Red Hat reports that 90% of organizations experienced at least one Kubernetes security incident in the past year, while container-based lateral movement in Kubernetes environments surged in 2025. VoidLink’s evasion tactics encrypting code, operating in memory, and tampering with user-space observability exploit a critical blind spot in many security programs. Traditional detection methods, reliant on user-space agents and log-based monitoring, struggle to counter threats designed to bypass them. To address this gap, runtime security solutions like *Hypershield* developed by Isovalent (now part of Cisco) leverage eBPF to provide kernel-level observability and enforcement. By deploying eBPF programs in the Linux kernel, Hypershield monitors process execution, syscalls, file access, and network activity in real time, mapping events to Kubernetes namespaces, pods, and workload identities. Cisco’s analysis demonstrates how Hypershield can track and mitigate VoidLink across its kill chain, circumventing the malware’s evasion tactics by detecting behavior directly at the kernel level. The rise of VoidLink and similar threats such as AI-driven botnets and supply chain exploits highlights a stark reality: many organizations lack visibility and control within Kubernetes environments, where AI models and core business workloads operate. While investments in endpoint, identity, and cloud monitoring have grown, they have not kept pace with the shift to workload-centric security. Integrating kernel-level runtime telemetry into SOC workflows is now critical to detecting and containing these attacks in real time. Cisco’s approach combines Hypershield’s eBPF-based enforcement with platforms like Splunk to correlate workload signals with broader security operations, offering a model for defending against cloud-native, AI-aware threats.

708
critical -8
KUBNVITENALIAMAMIC1772627215
Incident Details -
Type
Malware Framework
Attack Vector
Stolen credentials Exploited enterprise services (e.g., Java serialization flaws)
Vulnerability Exploited
Container escape vulnerabilities (e.g., CVE-2025-23266) AI supply chain threats (e.g., LangFlow RCE) Poisoned machine-learning models
Impact
Cloud metadata Credentials Secrets Kubernetes environments Containerized workloads AI workloads GPU clusters Operational Impact: Lateral movement, internal reconnaissance, and command-and-control (C2) operations
Response
Third Party Assistance: Check Point Research, Cisco Talos Enhanced Monitoring: Kernel-level runtime telemetry (e.g., Hypershield using eBPF)
Data Breach
Cloud metadata Credentials Secrets Sensitivity Of Data: High Data Encryption: Malware uses encryption for evasion
Lessons Learned
Traditional detection methods (user-space agents, log-based monitoring) are insufficient against threats like VoidLink. Kernel-level runtime security (e.g., eBPF) is critical for detecting and mitigating cloud-native and AI-aware threats. Organizations lack visibility and control in Kubernetes environments, where AI models and core business workloads operate.
Recommendations
Integrate kernel-level runtime telemetry (e.g., eBPF) into SOC workflows for real-time detection and enforcement. Adopt runtime security solutions like Hypershield to monitor process execution, syscalls, file access, and network activity at the kernel level. Correlate workload signals with broader security operations (e.g., Splunk) to defend against cloud-native threats. Address Kubernetes security gaps, as 90% of organizations experienced at least one incident in the past year. Secure AI supply chains by vetting machine-learning models from public repositories for backdoors.
Investigation Status
['Disclosed']
Post Incident Analysis
Lack of kernel-level visibility in Kubernetes environments Over-reliance on user-space agents and log-based monitoring Exploitation of container escape vulnerabilities and AI supply chain threats Deploy eBPF-based runtime security solutions (e.g., Hypershield) Enhance monitoring of Kubernetes and AI workloads Improve vetting of AI models and cloud configurations
References
Blog URL Source URL
NOVEMBER 2025
741
Breach
28 Nov 2025 • Amazon and AWS: 8-Minute Access: AI Accelerates Breach of AWS Environment
AI-Powered Attack Breaches AWS Environment in Under 10 Minutes

**AI-Powered Attack Breaches AWS Environment in Under 10 Minutes** On **November 28, 2025**, a threat actor exploited exposed credentials in public **Amazon S3 buckets** to gain initial access to an **AWS environment**, escalating privileges to administrative control in just **eight minutes**. The attack, analyzed by **Sysdig’s Threat Research Team (TRT)**, highlights the growing role of **AI and large language models (LLMs)** in accelerating cyber intrusions. The attacker leveraged **Lambda function code injection**, repeatedly modifying an existing function (*EC2-init*) to target a user (*"frick"*) with admin privileges. Once inside, they used **AI-assisted techniques** to automate reconnaissance, generate malicious code, and execute real-time decisions, significantly reducing the time defenders had to detect and respond. Key tactics included: - **Programmatic interaction with AWS Marketplace APIs** to access AI models (e.g., Claude, DeepSeek R1, Meta’s Llama 4 Scout) on the victim’s behalf. - **Cross-region inference profiles** to distribute model invocations, complicating detection. - **Lateral movement** across **19 AWS principals**, including attempts to assume cross-account roles by enumerating account IDs some of which did not belong to the target organization. - **Provisioning GPU instances** on **EC2** for potential AI model development or resource abuse. - **Exfiltration of cloud data** and abuse of **Amazon Bedrock**, an AI app-dev environment. The attack’s speed and efficiency were attributed to **AI-driven automation**, with the threat actor writing code in **Serbian** and demonstrating advanced scripting techniques, including exception handling. Researchers noted **hallucinated elements** in the attacker’s scripts, further suggesting LLM assistance. The initial breach stemmed from a **basic security lapse**: valid credentials left exposed in public S3 buckets, some named using common AI tool conventions. Experts emphasized that such oversights like relying on long-term IAM user credentials instead of temporary roles remain a persistent risk in cloud environments. The incident underscores how **AI is reshaping cyber threats**, enabling attackers to execute complex operations with unprecedented speed and precision. As offensive AI tools improve, defenders face shrinking response windows, making runtime detection and least-privilege enforcement critical.

716
critical -25
AMAAWS1770152164
Incident Details -
Type
Cloud Breach
Attack Vector
Exposed credentials in public Amazon S3 buckets
Vulnerability Exploited
Exposed long-term IAM user credentials, Lambda function code injection
Impact
Systems Affected: AWS environment, Lambda functions, EC2 instances, Amazon Bedrock Operational Impact: Administrative control gained, lateral movement across 19 AWS principals, potential AI model development abuse
Response
Third Party Assistance: Sysdig’s Threat Research Team (TRT)
Data Breach
Type Of Data Compromised: Cloud data, potentially sensitive organizational data
Lessons Learned
AI-driven automation accelerates cyber intrusions, reducing defender response windows. Basic security lapses like exposed credentials remain a persistent risk. Runtime detection and least-privilege enforcement are critical in cloud environments.
Recommendations
Avoid long-term IAM user credentials; use temporary roles. Monitor Lambda function modifications. Implement runtime detection and least-privilege access controls. Secure public S3 buckets and enforce strict credential hygiene.
Investigation Status
['Analyzed']
Initial Access Broker
Entry Point: Exposed credentials in public Amazon S3 buckets High Value Targets: AWS admin privileges, cross-account roles
Post Incident Analysis
Root Causes: Exposed long-term IAM user credentials in public S3 buckets, lack of least-privilege enforcement, insufficient runtime detection Corrective Actions: Replace long-term credentials with temporary roles, enhance monitoring of Lambda functions, enforce least-privilege access, secure public S3 buckets
References
Blog URL Source URL
NOVEMBER 2025
747
Cyber Attack
02 Nov 2025 • Amazon Web Services: AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Cryptocurrency Mining Campaign Targeting AWS Customers via Compromised IAM Credentials

**AWS Customers Targeted in Large-Scale Cryptocurrency Mining Campaign** A new cryptocurrency mining campaign is exploiting compromised AWS Identity and Access Management (IAM) credentials to hijack cloud environments for illicit profit. First detected by Amazon’s GuardDuty service on **November 2, 2025**, the attack leverages stolen IAM credentials to covertly deploy mining operations within AWS accounts, turning customer resources into cryptocurrency farms. The campaign employs **novel persistence techniques**, making detection and removal difficult. Attackers bypass standard security measures, embedding themselves within AWS infrastructure and requiring thorough remediation efforts to fully eradicate. The incident highlights vulnerabilities in cloud security, particularly around **IAM credential management**, as compromised access keys grant attackers unfettered control over AWS resources. GuardDuty’s automated threat detection played a key role in identifying the malicious activity, flagging unusual patterns indicative of unauthorized mining. AWS has urged customers to **rotate IAM credentials immediately**, enforce **multifactor authentication (MFA)**, and monitor accounts for suspicious configurations. The attack underscores the growing sophistication of cloud-based threats and the need for **proactive security measures**, including regular audits and automated monitoring, to counter evolving risks in cloud environments.

739
medium -8
AMA1765965358
Incident Details -
Type
Cryptocurrency Mining
Attack Vector
Compromised IAM credentials
Vulnerability Exploited
Weak IAM credential security, lack of multifactor authentication (MFA)
Motivation
Financial gain through unauthorized cryptocurrency mining
Impact
Financial Loss: Potential resource costs from unauthorized AWS usage Systems Affected: AWS environments, IAM configurations Operational Impact: Degraded AWS performance, potential disruption of legitimate services Brand Reputation Impact: Potential reputational damage for AWS and affected customers
Response
Containment Measures: Immediate rotation of IAM credentials, monitoring for unusual activity Remediation Measures: Implementation of multifactor authentication (MFA), security audits, engagement with AWS support Enhanced Monitoring: Amazon GuardDuty for threat detection
Lessons Learned
Critical need for strong IAM protocols, regular security audits, and automated threat detection systems like GuardDuty to mitigate cloud-based threats.
Recommendations
Rotate IAM credentials immediately to prevent unauthorized access Enable multifactor authentication (MFA) for all AWS accounts Monitor AWS accounts for unusual activity or configurations Engage with AWS support or security teams for incident response guidance Conduct regular security audits and reviews of AWS environments
Investigation Status
Ongoing
Customer Advisories
AWS customers should rotate IAM credentials, enable MFA, and monitor accounts for unusual activity.
Stakeholder Advisories
AWS users advised to review security configurations and conduct regular audits to detect and address unauthorized activities.
Initial Access Broker
Entry Point: Compromised IAM credentials
Post Incident Analysis
Root Causes: Weak IAM credential security, lack of MFA, insufficient monitoring of AWS environments Corrective Actions: Strengthen IAM policies, implement MFA, enhance monitoring with GuardDuty, conduct security audits
References
Blog URL Source URL
OCTOBER 2025
754
Cyber Attack
20 Oct 2025 • Amazon Web Services (AWS)
AWS Global Outage Due to DNS Resolution Issues (October 20, 2024)

AWS experienced a **16-hour global outage on October 20**, caused by **DNS resolution issues** in its US-East-1 region, disrupting hundreds of critical online services worldwide. Affected platforms included **Zoom, Canva, banks, airlines, Roblox, Fortnite, Snapchat, and Reddit**, with thousands of users in Singapore reporting disruptions via Downdetector. The outage stemmed from a **chain of failures**: initial DNS problems led to impairments in AWS’s internal subsystem monitoring network load balancers, followed by a **backlog of internet traffic requests**, prolonging restoration. The incident mirrored the severity of a **coordinated cyber attack**, exposing vulnerabilities in cloud resilience and overreliance on legacy technologies like DNS. While AWS confirmed **increased error rates and latencies**, the root cause (hardware error, misconfiguration, or human error) remains undisclosed. The outage underscored risks to **global digital infrastructure**, prompting regulatory responses like Singapore’s upcoming **Digital Infrastructure Act** to enforce stricter security and resilience standards for cloud providers. The economic and operational ripple effects highlighted the **concentrated risk** of single-point failures in cloud services, disrupting businesses, financial transactions, and daily digital activities for millions.

746
critical -8
AMA0232202102125
Incident Details -
Type
Service Disruption Outage
Impact
DNS infrastructure Network load balancers Multiple AWS services in US-East-1 Downtime: 16 hours (from ~2024-10-20T09:00:00Z to ~2024-10-21T01:00:00Z) Operational Impact: Severe disruption to global online services (e.g., banking, airlines, gaming, social media, productivity tools) Customer Complaints: Thousands of reports on Downdetector (Singapore and globally) Brand Reputation Impact: Highlighted overreliance on AWS and legacy DNS technologies; compared to CrowdStrike (July 2024) and Equinix (October 2023) outages
Response
Incident Response Plan Activated: Yes (AWS acknowledged increased error rates and latencies; detailed post-event summary pending) Resolved DNS resolution issues Addressed impairments in internal subsystem for network load balancer health monitoring Cleared backlog of internet traffic requests Restored services to normal operations Recovery Measures: Full service restoration after ~16 hours Communication Strategy: Public acknowledgment via AWS status website; spokeswoman provided updates to media (no detailed timeline for post-event summary)
Regulatory Compliance
Regulatory Notifications: Singapore's upcoming Digital Infrastructure Act (to be tabled in Parliament) aims to enhance accountability for cloud providers and data centers post-incident
Lessons Learned
Overreliance on legacy technologies (e.g., DNS) poses systemic risks in cloud-era demands. Highly concentrated risk in single providers (e.g., AWS) can disrupt global operations akin to cyber attacks. Need for fortified cloud resilience and redundancy to mitigate ripple effects on digital economies. Government intervention (e.g., Singapore's Digital Infrastructure Act) may be necessary to enforce higher security/resilience standards.
Recommendations
Modernize DNS and critical infrastructure to meet cloud-era demands. Implement redundancy and failover mechanisms for core services like DNS and load balancers. Enhance transparency in post-incident disclosures (e.g., timely root cause analysis). Diversify cloud dependencies to reduce single points of failure. Strengthen collaboration between cloud providers and regulators to improve resilience standards.
Investigation Status
Ongoing (AWS to release detailed post-event summary; no timeline provided)
Customer Advisories
AWS acknowledged service disruptions via status page; no specific customer advisories mentioned.
Post Incident Analysis
Root Causes: Pending AWS's detailed summary (potential causes: hardware error, misconfiguration, human error, or unforeseen DNS subsystem failures) Corrective Actions: Pending AWS's detailed summary (known actions: DNS resolution fixes, load balancer subsystem repairs, traffic backlog clearance)
References
Blog URL Source URL
SEPTEMBER 2025
761
Cyber Attack
23 Sep 2025 • AWS (Amazon Web Services)
ShadowV2 DDoS Campaign Exploiting Exposed Docker APIs on AWS EC2

Darktrace researchers uncovered a cyber campaign dubbed **ShadowV2**, exploiting misconfigured **exposed Docker APIs** on **AWS EC2 instances**. Attackers leveraged the **Python Docker SDK** to interact with unsecured Docker daemons, deploying malicious containers directly on victims' systems instead of using prebuilt images—likely to minimize forensic evidence. The compromised Docker environments were then repurposed as launchpads for **DDoS (Distributed Denial of Service) attacks**, turning cloud-native misconfigurations into a scalable attack vector. While AWS Docker instances are **not exposed to the internet by default**, improper configurations enabled external access, allowing threat actors to infiltrate systems. The attack highlights the industrialization of cybercrime, where **DDoS-as-a-service** models—complete with APIs, dashboards, and user interfaces—are commoditized. Although the article does not specify direct financial or data losses, the exploitation of cloud infrastructure for large-scale DDoS operations poses **reputational risks**, **operational disruptions**, and potential **financial liabilities** for AWS customers whose instances were hijacked. The incident underscores the growing sophistication of cybercriminals in weaponizing misconfigured cloud services, with **AWS EC2** serving as a primary target in this campaign. While no customer data breaches were reported, the abuse of Docker APIs for malicious purposes could erode trust in AWS’s security posture, particularly among enterprises relying on containerized workloads.

753
high -8
AMA4092640092325
Incident Details -
Type
DDoS Attack Cloud Misconfiguration Exploitation Unauthorized Container Deployment
Attack Vector
Exposed Docker API Misconfigured AWS EC2 Instances Python Docker SDK
Vulnerability Exploited
Misconfigured Docker Daemon (Exposed to Internet) Improper Access Controls on AWS EC2
Motivation
Financial Gain Disruption Cybercrime-as-a-Service
Impact
AWS EC2 Instances with Exposed Docker APIs Victim Containers Potential Service Disruption from DDoS Resource Hijacking for Attack Infrastructure Potential Reputation Damage for Affected Organizations Highlighting Cloud Security Gaps
Response
Darktrace (Detection and Analysis) Securing Exposed Docker APIs Disabling Unnecessary External Access to Docker Daemons Reviewing AWS EC2 Configurations Darktrace Honeypots for Detection
Lessons Learned
Exposed Docker APIs on cloud instances are a significant attack vector for DDoS campaigns. Threat actors are industrializing cybercrime with user-friendly tools (e.g., APIs, dashboards) for DDoS attacks. Misconfigurations in cloud-native environments (e.g., AWS EC2) can serve as launchpads for broader attacks. Building malicious containers on victim machines may reduce forensic evidence compared to importing prebuilt images.
Recommendations
Disable external access to Docker daemons unless absolutely necessary. Regularly audit cloud configurations (e.g., AWS EC2) for exposed services. Implement network segmentation to limit lateral movement from compromised containers. Use behavioral detection tools (e.g., Darktrace) to identify anomalous container activity. Monitor for unauthorized use of Docker SDK or container deployment tools.
Investigation Status
['Ongoing (Darktrace Honeypots Active)']
Initial Access Broker
Exposed Docker API on AWS EC2 AWS EC2 Instances with Docker
Post Incident Analysis
Misconfigured Docker daemons exposed to the internet. Lack of access controls for Docker APIs on cloud instances. Default Docker settings not hardened for production environments. Secure Docker APIs by default, restricting external access. Enforce least-privilege principles for cloud instance configurations. Deploy behavioral detection for containerized environments.
References
Blog URL Source URL
SEPTEMBER 2025
761
Vulnerability
01 Sep 2025 • Amazon Web Services and Wiz: AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
CodeBreach: AWS CodeBuild Misconfiguration Could Lead to Platform-Wide Compromise

**AWS CodeBuild Misconfiguration Could Have Enabled Supply Chain Attacks** In September 2025, Amazon Web Services (AWS) patched a critical misconfiguration in its **AWS CodeBuild** service that could have allowed attackers to take over the company’s own GitHub repositories including the **AWS JavaScript SDK (aws-sdk-js-v3)** potentially compromising millions of AWS environments. The vulnerability, dubbed **CodeBreach** by cloud security firm **Wiz**, was disclosed responsibly on **August 25, 2025**, and stemmed from a flaw in CI pipeline webhook filters. The issue centered on **insecure regular expression (regex) patterns** in CodeBuild’s webhook filters, which were designed to restrict build triggers to approved GitHub user IDs (ACTOR_ID). However, the filters lacked **start (^) and end ($) anchors**, allowing any user ID containing an approved sequence (e.g., *755743*) to bypass restrictions. Since GitHub assigns numeric IDs sequentially, Wiz researchers exploited this by generating bot accounts with predictable IDs (e.g., *226755743*) to match trusted maintainers’ IDs. Once an attacker triggered a build, they could **leak GitHub admin tokens** including a **Personal Access Token (PAT)** for the *aws-sdk-js-automation* user granting full repository control. This access could have enabled **malicious code injection**, **pull request approvals**, and **secrets exfiltration**, paving the way for **supply chain attacks** affecting AWS services and dependent applications. The misconfiguration impacted four AWS-managed repositories: - **aws-sdk-js-v3** (JavaScript SDK) - **aws-lc** (cryptographic library) - **amazon-corretto-crypto-provider** - **awslabs/open-data-registry** AWS confirmed the flaw was **project-specific** and not a systemic CodeBuild issue. While no exploitation was detected, the company implemented **credential rotations**, **enhanced build process protections**, and **stricter regex validation** to prevent recurrence. The incident underscores the **high-risk nature of CI/CD pipelines**, where minor misconfigurations can lead to **large-scale breaches**. Similar vulnerabilities in **GitHub Actions workflows** such as **pull_request_target** misconfigurations have previously exposed projects from **Google, Microsoft, and NVIDIA** to **remote code execution (RCE)** and **secrets theft**. Security researchers emphasize that **untrusted code should never trigger privileged pipelines** without proper validation.

760
critical -1
AMAWIZ1768515615
Incident Details -
Type
Supply Chain Attack
Attack Vector
Misconfigured CI/CD Pipeline
Vulnerability Exploited
Insufficient regex anchoring in AWS CodeBuild webhook filters
Impact
Data Compromised: GitHub admin tokens, repository secrets, privileged credentials Systems Affected: AWS CodeBuild, GitHub repositories (aws-sdk-js-v3, aws-lc, amazon-corretto-crypto-provider, awslabs/open-data-registry) Operational Impact: Potential platform-wide compromise of AWS environments Brand Reputation Impact: High
Response
Incident Response Plan Activated: Yes Third Party Assistance: Wiz (cloud security company) Containment Measures: Remediation of misconfigured webhook filters, credential rotations Remediation Measures: Anchoring regex patterns, enabling Pull Request Comment Approval build gate, using CodeBuild-hosted runners, limiting PAT permissions Recovery Measures: Securing build processes containing GitHub tokens or credentials in memory Communication Strategy: Public advisory released by AWS and Wiz
Data Breach
Type Of Data Compromised: Privileged credentials (GitHub admin tokens, Personal Access Tokens) Sensitivity Of Data: High Data Exfiltration: Potential (if exploited)
Lessons Learned
CI/CD pipeline security is critical, especially for untrusted contributions. Misconfigurations in webhook filters can lead to high-impact breaches. Anchoring regex patterns and limiting PAT permissions are essential mitigations.
Recommendations
Enable Pull Request Comment Approval build gate for untrusted contributions Use CodeBuild-hosted runners to manage build triggers via GitHub workflows Ensure regex patterns in webhook filters are anchored (use ^ and $) Generate a unique PAT for each CodeBuild project Limit PAT permissions to the minimum required Use a dedicated unprivileged GitHub account for CodeBuild integration
Investigation Status
['Resolved']
Stakeholder Advisories
AWS released an advisory detailing the misconfiguration and remediation steps.
Initial Access Broker
Entry Point: Predictable GitHub actor ID via bot user registration High Value Targets: AWS-managed GitHub repositories (e.g., aws-sdk-js-v3)
Post Incident Analysis
Root Causes: Insufficient regex anchoring in AWS CodeBuild webhook filters, allowing unauthorized actor IDs to trigger builds and access privileged credentials. Corrective Actions: Anchored regex patterns, rotated credentials, implemented additional build process security measures.
References
Blog URL Source URL
AUGUST 2025
761
JULY 2025
760
JUNE 2025
758
Vulnerability
01 Jun 2025 • Amazon Web Services (AWS)
AWS Trusted Advisor Misconfiguration Vulnerability Allows Public S3 Bucket Exposure Without Detection

AWS’s **Trusted Advisor** tool, designed to alert customers if their **S3 storage buckets** are publicly exposed, was found to be vulnerable to manipulation by **Fog Security researchers**. By tweaking **bucket policies** or **ACLs** (Access Control Lists) and adding **deny policies** (e.g., blocking `s3:GetBucketPolicyStatus`, `s3:GetBucketPublicAccessBlock`, or `s3:GetBucketAcl`), attackers or misconfigured users could make buckets **publicly accessible** while preventing Trusted Advisor from detecting the exposure. This flaw allowed **potential data exfiltration** without triggering security warnings, posing risks of **unauthorized access to sensitive data**.The issue was privately reported to AWS, which implemented fixes in **June 2025** to correct Trusted Advisor’s detection logic. However, concerns remain about **inadequate user notifications**, as some accounts (including the researcher’s test account) did not receive alerts, leaving them unaware of the need to recheck bucket permissions. AWS recommended enabling **Block Public Access settings**, retiring **legacy ACLs**, and using **IAM policies** for stricter control. Fog Security also released an **open-source scanning tool** to help users identify misconfigured S3 buckets.The vulnerability highlights risks of **insider threats (malicious or accidental)**, **credential compromise**, and **misconfigurations** leading to **unintended public exposure of data**, potentially affecting **customer trust, compliance, and data security**.

756
critical -2
AMA505082225
Incident Details -
Type
Misconfiguration Security Bypass Data Exposure Risk
Attack Vector
Insider Threat (Malicious or Accidental) Compromised AWS Credentials Policy Manipulation
Vulnerability Exploited
AWS Trusted Advisor Bypass via S3 Bucket Policy Misconfiguration (Deny Rules for `s3:GetBucketPolicyStatus`, `s3:GetBucketPublicAccessBlock`, `s3:GetBucketAcl`)
Motivation
Data Exfiltration Unauthorized Data Access Covert Persistence Accidental Exposure
Impact
Data Compromised: Potential exposure of sensitive data in publicly accessible S3 buckets (scope depends on bucket contents) AWS S3 Buckets Trusted Advisor Security Checks Operational Impact: False sense of security due to undetected public bucket exposure; potential for unauthorized data access or exfiltration Brand Reputation Impact: Risk of reputational damage for AWS and affected customers if data breaches occur due to undetected exposures Legal Liabilities: Potential compliance violations (e.g., GDPR, CCPA) if sensitive data is exposed Identity Theft Risk: High (if PII is stored in affected buckets) Payment Information Risk: High (if payment data is stored in affected buckets)
Response
Fog Security (researchers who discovered the issue) AWS implemented fixes to Trusted Advisor in June 2025 to correctly detect misconfigured buckets Emails sent to customers notifying them of the issue and fixes Customers advised to enable Block Public Access Settings at account and bucket levels Switch from ACLs to IAM policies recommended Manual review of S3 bucket configurations urged AWS Trusted Advisor now displays correct bucket status Open-source tool released by Fog Security to scan S3 resources for access issues AWS sent emails to customers (though coverage may be incomplete) Public disclosure via cybersecurity news outlets (e.g., Help Net Security)
Data Breach
Type Of Data Compromised: Potential exposure of any data stored in misconfigured S3 buckets (e.g., PII, financial data, proprietary information) Sensitivity Of Data: Varies (high risk if buckets contain sensitive/regulated data) Data Exfiltration: Possible (if attackers exploit the misconfiguration) Personally Identifiable Information: Possible (if stored in affected buckets)
Regulatory Compliance
Potential violations of GDPR, CCPA, HIPAA, or other data protection laws if sensitive data is exposed
Lessons Learned
Over-reliance on automated security tools (e.g., Trusted Advisor) can create blind spots if their detection mechanisms are bypassable. Complex IAM/bucket policies increase the risk of misconfigurations that may not be caught by standard checks. Proactive manual reviews and third-party tools are critical for validating cloud security postures. Customer notifications for security issues must be comprehensive and clear about risks.
Recommendations
Enable AWS Block Public Access Settings at both account and bucket levels. Replace legacy ACLs with IAM policies for finer-grained access control. Regularly audit S3 bucket configurations using AWS tools and third-party scanners (e.g., Fog Security’s open-source tool). Monitor for unusual access patterns or policy changes in S3 buckets. AWS should improve the clarity and reach of security advisories to ensure all affected customers are notified.
Investigation Status
Resolved (fix implemented by AWS in June 2025)
Customer Advisories
Enable Block Public Access Settings. Review and retire ACLs in favor of IAM policies. Scan S3 buckets for unintended public exposure using tools like Fog Security’s open-source scanner.
Stakeholder Advisories
AWS sent emails to customers (potentially incomplete); public disclosure via cybersecurity media.
Post Incident Analysis
Trusted Advisor’s inability to detect public bucket status when specific `Deny` policies block its checks (`s3:GetBucketPolicyStatus`, `s3:GetBucketPublicAccessBlock`, `s3:GetBucketAcl`). Overlap between legacy ACLs and modern bucket policies creating confusion and misconfiguration risks. Lack of redundant validation mechanisms to cross-check bucket exposure status. AWS updated Trusted Advisor to bypass or account for `Deny` policies that previously blocked its checks. Customer guidance issued to enforce Block Public Access and migrate from ACLs to IAM policies. Open-source tool provided by Fog Security to help customers audit S3 configurations.
References
Blog URL Source URL
MAY 2025
801
Ransomware
01 May 2025 • Amazon Web Services (AWS)
Ransomware Operators Targeting AWS S3 Buckets with Cloud-Native Encryption Abuse

Cybersecurity researchers have warned about a new wave of ransomware attacks targeting **AWS S3 buckets**, a widely used cloud storage service. Unlike traditional ransomware that encrypts or deletes data, attackers are now abusing **cloud-native encryption and key management services** to render data permanently unrecoverable. By manipulating built-in AWS capabilities like **key rotation and encryption controls**, threat actors can lock organizations out of their own storage without triggering typical breach detection mechanisms.The shift reflects an evolution in ransomware tactics, as defenders strengthen perimeter defenses. Organizations relying on S3 buckets for critical data—including customer records, financial documents, or proprietary assets—face severe operational disruptions if encryption keys are compromised. Recovery may require paying ransoms or accepting irreversible data loss, particularly if backups are also encrypted or inaccessible. The attack method exploits **trusted cloud functionalities**, making it harder to distinguish malicious activity from legitimate administrative actions.Given AWS’s dominance in cloud infrastructure, successful exploits could cascade across dependent services, affecting businesses, governments, and end-users. The technique underscores the growing sophistication of ransomware groups in targeting **cloud environments**, where traditional security models may fall short.

756
critical -45
AMA5032150112125
Incident Details -
Type
ransomware cloud security breach data encryption abuse
Attack Vector
abuse of cloud-native encryption services key management service manipulation misconfigured S3 buckets
Vulnerability Exploited
misconfigured AWS S3 bucket permissions weak encryption key management practices insufficient cloud-native security controls
Motivation
financial gain (ransom) disruption of operations
Impact
AWS S3 buckets potential data unrecoverability due to encryption abuse disruption of cloud storage services potential erosion of trust in cloud security practices
Response
hardening S3 bucket configurations enhancing encryption key management monitoring for abnormal key rotation activities cloud-native security tools for encryption/key management anomalies
Data Breach
abuse of cloud-native encryption to render data unrecoverable
Lessons Learned
Attackers are evolving tactics to abuse legitimate cloud services (e.g., encryption/key management) as perimeter defenses improve. Organizations must monitor cloud-native security controls beyond traditional perimeter protections.
Recommendations
Implement strict access controls and encryption key management policies for S3 buckets. Monitor for unusual key rotation or encryption activities in cloud environments. Adopt zero-trust principles for cloud storage services. Regularly audit S3 bucket configurations for misconfigurations.
Initial Access Broker
misconfigured S3 buckets compromised cloud credentials S3 buckets with critical/sensitive data
Post Incident Analysis
Over-reliance on perimeter defenses without monitoring cloud-native services. Misconfigured or weakly managed encryption keys in S3 buckets. Lack of visibility into cloud-specific attack vectors (e.g., key rotation abuse). Enhance logging and monitoring for cloud encryption/key management services. Enforce least-privilege access for S3 buckets and associated keys. Conduct red-team exercises simulating cloud-native ransomware scenarios.
References
Blog URL Source URL
DECEMBER 2024
801
Vulnerability
03 Dec 2024 • Fortinet, Cisco, Amazon Web Services and JPMorgan Chase: Cloud storage buckets leaking secret data despite security improvements
Toxic Cloud Trilogies: Publicly Exposed, Critically Vulnerable, and Highly Privileged Cloud Buckets

**Tenable Report Highlights Persistent Cloud Security Risks Despite Improvements** A recent report by Tenable reveals both progress and ongoing vulnerabilities in cloud security, particularly around "toxic cloud trilogies"—publicly exposed, critically vulnerable, and highly privileged cloud instances. Between October 2024 and March 2025, the number of organizations with at least one such instance on AWS or Google Cloud Platform (GCP) dropped from 38% to 29%, while those with five or more declined from 27% to 13%. Despite these improvements, Tenable warns that such exposures remain a pressing concern. The report also uncovered widespread exposure of sensitive data in cloud configurations. Researchers found that 54% of AWS Elastic Container Service (ECS) task definitions and 52% of Google CloudRun environment variables contained confidential information. Additionally, over a quarter of AWS users stored sensitive data in user data fields, with 3.5% of AWS EC2 instances holding secrets—posing a significant risk if exploited. AWS hosted the highest proportion of sensitive data (16.7% of its buckets), compared to 6.5% for GCP and 3.2% for Microsoft Azure. While nearly 80% of AWS users have enabled critical identity-checking services, the findings underscore persistent misconfigurations and overconfidence in cloud security measures. The report, released at AWS re:Invent 2024 in Las Vegas, highlights the need for continued vigilance in securing cloud environments.

799
critical -2
FORCISAMAJPM1767748297
Incident Details -
Type
Data Exposure
Attack Vector
Misconfigured Cloud Storage
Vulnerability Exploited
Publicly exposed cloud buckets with critical vulnerabilities and highly privileged data
Impact
Data Compromised: Sensitive data, including confidential and restricted information AWS S3 Buckets GCP Cloud Storage AWS Elastic Container Service Google CloudRun AWS EC2 User Data Operational Impact: Potential cascade of exploitative activity by attackers accessing exposed secrets Brand Reputation Impact: High (due to sensitive data exposure) Identity Theft Risk: High (due to exposure of personally identifiable information)
Response
Enhanced Monitoring: Enabled identity-checking service (80%+ of AWS users)
Data Breach
Secrets Confidential data Restricted data Personally identifiable information Sensitivity Of Data: High (confidential/restricted) Personally Identifiable Information: Yes
Lessons Learned
Organizations must prioritize secure cloud configurations, regularly audit cloud storage settings, and avoid storing sensitive data in publicly accessible or misconfigured buckets. AWS, GCP, and Azure users should enable identity-checking services and monitor for exposed secrets.
Recommendations
Conduct regular audits of cloud storage configurations Enable identity-checking services (e.g., AWS IAM) Avoid storing sensitive data in user data or environment variables Implement network segmentation and enhanced monitoring Adopt secure development practices to prevent misconfigurations
Investigation Status
['Ongoing (based on scans conducted between October 2024 and March 2025)']
Post Incident Analysis
Misconfigured cloud storage buckets Public exposure of sensitive data Lack of identity-checking services in some cases Overconfidence in cloud provider security measures Enable identity-checking services Regularly audit cloud configurations Remove sensitive data from user data/environment variables Implement enhanced monitoring
References
Blog URL Source URL
AUGUST 2024
796
Vulnerability
01 Aug 2024 • Amazon Web Services
AWS Application Load Balancer Vulnerability

A vulnerability in Amazon Web Services' Application Load Balancer was discovered by security firm Miggo, which could potentially allow an attacker to bypass access controls and compromise web applications. This vulnerability was not due to a software flaw but stemmed from customers' configuration of the service, particularly the setup of authentication. Researchers identified over 15,000 web applications with potentially vulnerable configurations, though AWS disputes the figure and has contacted customers to recommend more secure setups. Exploiting this vulnerability would involve token forgery by the attacker to obtain unauthorized access to applications, escalating privileges within the system.

795
high -1
AMA000082124
Incident Details -
Type
Misconfiguration
Attack Vector
Token Forgery
Vulnerability Exploited
Misconfiguration of AWS Application Load Balancer Authentication
Motivation
Unauthorized Access, Privilege Escalation
Post Incident Analysis
Root Causes: Misconfiguration of AWS Application Load Balancer Authentication
References
Blog URL Source URL
JULY 2024
821
Breach
01 Jul 2024 • webXray
Privacy Violations Exposed by webXray

webXray, a tool designed to expose privacy violations on the internet, reveals how tech giants like Google and various websites track user data and browsing habits. Developed by former Google engineer Tim Libert, webXray analyzes web activity to identify which sites collect data, including sensitive information. Such tracking, often without clear user consent, can breach laws like HIPAA and GDPR, posing serious threats to individuals' privacy. The tool aims to empower regulators and attorneys to assess and rectify these violations, promoting a balanced digital ecosystem.

796
critical -25
AMA000072524
Incident Details -
Type
Privacy Violation
Attack Vector
Data Tracking
Vulnerability Exploited
Lack of clear user consent
Motivation
Data Collection
Impact
Data Compromised: User data and browsing habits Brand Reputation Impact: Negative Legal Liabilities: Potential breach of HIPAA and GDPR
Data Breach
Type Of Data Compromised: User data and browsing habits Sensitivity Of Data: High
Regulatory Compliance
HIPAA GDPR
Lessons Learned
The need for clear user consent and transparency in data collection practices.
Recommendations
Implement stricter data privacy policies and ensure compliance with relevant regulations.
Post Incident Analysis
Root Causes: Lack of clear user consent and transparency in data collection.
References
Blog URL Source URL
JUNE 2024
829
Cyber Attack
16 Jun 2024 • Amazon Web Services (AWS)
Major AWS Outage Impacts Thousands of Organizations Globally

AWS, the world’s largest cloud computing platform (30% market share), suffered a major outage due to a malfunction at its Northern Virginia data center. The incident disrupted thousands of organizations globally, including banks (e.g., financial software like Xero), social media platforms (e.g., Snapchat), and other digital services. While AWS claimed to have resolved the underlying issue, residual disruptions persisted for some users. The outage exposed critical vulnerabilities in cloud reliance, triggering cascading failures across dependent systems. Businesses faced operational paralysis, financial losses from downtime, and reputational damage due to service unavailability. The incident underscored risks like single points of failure in centralized cloud infrastructure, vendor lock-in challenges, and geopolitical regulatory complexities. Previous outages by competitors (Microsoft Azure, Google Cloud) in 2024 further highlighted systemic fragility in the oligopolistic cloud market, where a minor technical error can cripple global digital ecosystems.

821
critical -8
AMA1902119102225
Incident Details -
Type
Service Disruption Outage
Vulnerability Exploited
Malfunction at AWS data center (likely a configuration error)
Impact
Cloud services Banking platforms Financial software (e.g., Xero) Social media (e.g., Snapchat) Downtime: Prolonged (exact duration unspecified; some disruptions persisted after initial fix) Operational Impact: Severe (domino effect paralyzing vast segments of the internet) Customer Complaints: Likely high (widespread service disruptions reported) Brand Reputation Impact: Moderate (highlights vulnerabilities in cloud reliance)
Response
Incident Response Plan Activated: Yes (AWS reported fixing the underlying issue) Technical fix applied to data center malfunction
Lessons Learned
Heavy reliance on a few cloud providers (AWS, Azure, Google Cloud) creates single points of failure. Vendor lock-in traps customers due to complex data architectures and high egress costs. Geopolitical/regulatory risks arise from US-based providers subject to US laws, complicating international compliance (e.g., Australia’s Privacy Act). Cloud providers hold significant control over service access and censorship.
Recommendations
Mitigate risks by diversifying cloud providers or adopting multi-cloud strategies. Negotiate contracts to reduce vendor lock-in and data egress costs. Assess geopolitical/regulatory risks when selecting cloud providers. Implement redundancy and backup systems to minimize downtime impact.
Investigation Status
['Resolved (underlying issue fixed, but some disruptions persisted)']
Post Incident Analysis
Malfunction at AWS data center in Northern Virginia (likely a configuration error) Technical fix applied; no further details provided
References
Blog URL Source URL
JUNE 2023
827
Vulnerability
16 Jun 2023 • Amazon Web Services (AWS)
Critical Authentication Token Exposure in Amazon WorkSpaces Client for Linux (CVE-2025-12779)

A critical vulnerability (CVE-2025-12779) in the **Amazon WorkSpaces client for Linux (versions 2023.0–2024.8)** exposes improper handling of authentication tokens, allowing local attackers to extract valid tokens left accessible by the client. This flaw enables unauthorized access to a victim’s private WorkSpaces session, granting control over their virtual environment. The risk is heightened in **shared or multi-user Linux systems**, where malicious actors could exploit the vulnerability to hijack sessions, access sensitive data, or perform actions on behalf of the compromised user. AWS has released a patch in **version 2025.0** and urged immediate updates, but unpatched systems remain exposed to session takeover attacks. While no evidence of active exploitation has been reported, the vulnerability underscores the risks of inadequate token management in cloud-based desktop solutions, potentially leading to **data breaches, privilege escalation, or lateral movement within corporate networks** if abused in enterprise environments.

825
high -2
AMA0162101110725
Incident Details -
Type
Vulnerability Unauthorized Access
Attack Vector
Local Improper Authentication Token Handling
Vulnerability Exploited
CVE-2025-12779
Impact
Authentication Tokens Potential WorkSpace Session Access Amazon WorkSpaces client for Linux (versions 2023.0–2024.8) Unauthorized Access to Virtual WorkSpaces Risk in Shared/Multi-User Environments Potential Erosion of Trust in AWS WorkSpaces Security Session Hijacking Risk
Response
Urgent Security Bulletin (AWS-2025-025) End-of-Support Notification for Affected Versions Upgrade to Amazon WorkSpaces client for Linux version 2025.0 or newer Security Bulletin Direct Outreach via [email protected] Public Advisory
Data Breach
Authentication Tokens High (Session Access Tokens) Potential Token Theft by Local Users
Lessons Learned
Importance of robust token management in cloud desktop environments. Critical need for timely software updates in shared/multi-user systems. Proactive communication with users during vulnerability disclosures.
Recommendations
Immediately upgrade to Amazon WorkSpaces client for Linux version 2025.0 or later. Monitor shared/multi-user Linux environments for unauthorized WorkSpace access. Implement least-privilege principles for local user permissions. Regularly audit authentication token handling in virtual desktop solutions.
Investigation Status
Resolved (Patch Available)
Customer Advisories
Upgrade to version 2025.0 immediately; contact [email protected] for concerns
Stakeholder Advisories
AWS-2025-025 Security Bulletin
Post Incident Analysis
Improper handling of authentication tokens in DCV-based WorkSpaces Insecure token storage accessible to local users Token management overhaul in version 2025.0 Enhanced access controls for multi-user environments
References
Blog URL Source URL
JUNE 2021
826
Cyber Attack
16 Jun 2021 • AWS: Edge Devices On AWS Infrastructure Targeted By Russian Cyberattacks In ‘Yearslong’ Campaign
Russian Sandworm Hackers Target Misconfigured AWS Edge Devices in Multi-Year Campaign

**Russian Sandworm Hackers Target Misconfigured AWS Edge Devices in Multi-Year Campaign** Amazon’s Threat Intelligence unit has confirmed that Russian state-sponsored hackers, identified as the **Sandworm group** (linked to Russia’s GRU military intelligence), conducted a **yearslong cyberattack campaign** in 2025 targeting **misconfigured network edge devices** hosted on AWS infrastructure. The attacks focused on **energy sector organizations** and businesses with **cloud-hosted network infrastructure**, primarily in **Western nations, North America, and Europe**. The hackers exploited **exposed management interfaces** on customer-owned edge devices such as **enterprise routers, VPN concentrators, and remote access gateways** to gain initial access, harvest credentials, and move laterally within victim networks. Amazon’s Chief Information Security Officer (CISO), **CJ Moses**, emphasized that the attacks were **not due to AWS vulnerabilities** but rather **customer misconfigurations**, which the threat actors leveraged to maintain persistent access while minimizing detection risks. This campaign marks an evolution in Sandworm’s tactics, shifting from **zero-day and N-day exploits** (used in prior years, including **WatchGuard and Veeam vulnerabilities in 2021–2024**) to **low-effort targeting of misconfigured devices** a strategy Moses described as a **"concerning adaptation"** that achieves the same objectives with reduced resource expenditure. The group’s operations have spanned **at least five years**, with a sustained focus on **critical infrastructure**, particularly the **energy sector**. Amazon has **disrupted active threat operations** and notified affected customers, though no AWS-specific patches are required. The company continues to collaborate with the security community to **counter state-sponsored threats** targeting cloud environments. Network analysis revealed that **actor-controlled IP addresses** established persistent connections to compromised **EC2 instances** running customer-managed network appliances.

818
critical -8
AMA1768595116
Incident Details -
Type
Cyber Espionage, Lateral Movement, Credential Harvesting
Attack Vector
Exposed management interfaces on misconfigured network edge devices
Vulnerability Exploited
Customer misconfigurations (not AWS vulnerabilities)
Motivation
Cyber espionage, targeting critical infrastructure
Impact
Data Compromised: Credentials, network access Systems Affected: Enterprise routers, VPN concentrators, remote access gateways, EC2 instances running customer-managed network appliances Operational Impact: Persistent access to victim networks, lateral movement
Response
Containment Measures: Disruption of active threat operations, customer notifications Communication Strategy: Public disclosure by Amazon's Threat Intelligence unit
Data Breach
Type Of Data Compromised: Credentials, network access Sensitivity Of Data: High (critical infrastructure access)
Lessons Learned
Shift in Sandworm tactics from zero-day exploits to low-effort targeting of misconfigured devices; importance of securing edge devices and cloud-hosted network infrastructure.
Recommendations
Secure management interfaces on edge devices, enforce proper configurations, monitor for persistent connections from actor-controlled IPs, collaborate with cloud providers for threat intelligence.
Investigation Status
['Ongoing (disruption of active operations, customer notifications)']
Initial Access Broker
Entry Point: Exposed management interfaces on misconfigured edge devices Backdoors Established: Persistent access to victim networks High Value Targets: Energy sector, critical infrastructure
Post Incident Analysis
Root Causes: Customer misconfigurations in network edge devices, lack of proper security controls for exposed management interfaces Corrective Actions: Disruption of threat operations, customer notifications, collaboration with security community to counter state-sponsored threats
References
Blog URL Source URL
FEBRUARY 2018
836
Data Leak
01 Feb 2018 • Amazon Web Services (AWS)
Data Exposure of Bongo International's S3 Bucket

An Amazon S3 bucket containing scans of about 119,000 US and foreign citizens' IDs and personal information was found by researchers. The firm that owns the data, Bongo International, is owned by FedEx and supports North American retailers' and brands' online sales to customers abroad. In the AWS bucket were over 112,000 files, unencrypted data, and customer ID scans from a wide range of nations, including the US, Mexico, Canada, many EU nations, Saudi Arabia, Kuwait, Japan, Malaysia, China, and Australia. FedEx did not remove the S3 bucket until its presence was made public, despite Kromtech's best efforts to get in touch with them.

810
critical -26
AMA350181223
Incident Details -
Type
Data Exposure
Attack Vector
Misconfigured S3 Bucket
Vulnerability Exploited
Misconfiguration
Impact
ID scans Personal Information Amazon S3 Bucket Identity Theft Risk: High
Response
Removed the S3 bucket
Data Breach
ID scans Personal Information Number Of Records Exposed: 119,000 Sensitivity Of Data: High Data Encryption: No ID scans Unencrypted data Personally Identifiable Information: Yes
Post Incident Analysis
Misconfigured S3 Bucket Removed the S3 bucket
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Amazon Web Services (AWS) is 621, which corresponds to a Poor rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2026 was 709.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2026 was 706.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2026 was 703.

According to Rankiteo, the A.I. Rankiteo Cyber Score for December 2025 was 708.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 747.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 754.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 760.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 761.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 760.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 756.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 756.

Over the past 12 months, the average per-incident point impact on Amazon Web Services (AWS)’s A.I Rankiteo Cyber Score has been -12.82 points.

You can access Amazon Web Services (AWS)’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/amazon-web-services.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Amazon Web Services (AWS)’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/amazon-web-services.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.