5 Feb 2025
Biztonsági szemle
Extensive software supply chain compromise possible with deserted AWS S3 buckets
Nearly 150 S3 buckets previously leveraged by cybersecurity firms, governments, Fortune 500 companies, and open source projects could be re-registered with the same AWS account name to facilitate executable and/or code injections in the deployment code/software update mechanism, according to an analysis from watchTowr Labs researchers.
Read more