The Hacker News

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Amazon reports a new AWS crypto mining campaign abusing IAM credentials, ECS, EC2, and termination protection for persistence ...

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...

Home Depot exposed access to internal systems for a year, says researcher

A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other ...
The Hacker News

Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes

Live briefing shows how attackers exploit AWS identity errors, AI model masking, and Kubernetes privileges—and how teams can ...
InfoQ

Yelp Publishes Blueprint for Managing S3 Server-Access Logs at Massive Scale

In a detailed engineering post, Yelp shared how it built a scalable and cost-efficient pipeline for processing Amazon S3 ...
Infosecurity Magazine

Malware Discovered in 19 Visual Studio Code Extensions

A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...