EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service AWS identity and access management IAM credentials within public GitHub repositories to facilitate cryptojacking activities. "As a result of this, the threat actor associated with the campaign was able to...

U.S. Dept Of Defense: Remote Code Execution and AWS IAM Credentials Exfiltration in https://████████/

The host https://██████/ had a vulnerability in the /jenkins/script directory that allowed users to execute system commands on the host. This could have led to the disclosure of AWS IAM credentials, which could have been used by an attacker to manage various AWS resources, create and delete...