Bleeping Computer

PyPi python packages caught sending stolen AWS keys to unsecured sites

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Attackers have been using compromised AWS Identity and Access Management (IAM) credentials to target cloud services in a sprawling cryptomining campaign that can deploy unauthorized miners 10 minutes ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
InfoQ

AWS Announces Python 3.9 Runtime Support for Lambda Functions

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...