3 matches found
SUSE CVE-2024-1682
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...
PT-2024-18218 · Amazon · Amazon S3
Name of the Vulnerable Software and Affected Versions: Amazon S3 affected versions not specified Description: The issue concerns an unclaimed Amazon S3 bucket, 'codeconf', referenced in an audio file link within a documentation file. This bucket has been claimed by an external party, which could...
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
In what's a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. "Malicious binaries steal the user IDs, passwords, local machine...