Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/18 8:32 a.m.23 views

CVE-2025-10560 Hardcoded cloud credentials in Worksnaps client application binaries expose production cloud resources

Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...

9.3CVSS0.00388EPSS
Exploits1References2
Schneier on Security
Schneier on Security
added 2025/02/12 12:9 p.m.10 views

Delivering Malware Through Abandoned Amazon S3 Buckets

Here's a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software libraries that are still used. Presumably the projects don't realize that they have been abandoned, and still...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2019/10/04 9:28 a.m.98 views

Virus Bulletin 2019: Magecart Infestations Saturate the Web

LONDON — Magecart, the digital card-skimming collective, is now so ubiquitous that its infrastructure is flooding the internet. In a paper presented at Virus Bulletin 2019 this week in London, Jordan Herman and Yonathan Klijnsma of RiskIQ said that there are now 573 known C2 domains for the group...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/05/30 1:16 p.m.80 views

2.3B Files Exposed in a Year: A New Record for Misconfigs

The last 12 months has seen the exposure of a record 2.3 billion files across cloud databases and online shares, according to an analysis released on Thursday. A report from Digital Shadows’ Photon Research Team, Too Much Information: The Sequel, assessed the scale of inadvertent global data...

0.2AI score
Exploits0References4
Kitploit
Kitploit
added 2017/12/01 1:22 p.m.29 views

Bucket Stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs

Find interestingAmazon S3 Buckets by watching certificate transparency logs. This tool simply listens to various certificate transparency logs via certstream and attempts to find public S3 buckets from permutations of the certificates domain name. Some quick tips if you use S3 buckets: 1. Randomi...

7.1AI score
Exploits0References1
Rows per page
Query Builder