Latest news
Phishing
AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time
29 June 2026 dark6
A real-time adversary-in-the-middle phishing kit has been targeting AWS engineers, stealing credentials and MFA codes simultaneously to hijack cloud sessions...
Malware
Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers
26 June 2026 dark6
A credential-stealing malware campaign known as Shai-Hulud has expanded to target developers using the Leo/RStreams npm package ecosystem, harvesting GitHub...
Cybercrime
HazyBeacon APT Campaign Weaponizes AWS Lambda to Hide Command-and-Control Traffic
22 June 2026 dark6
Qualys researchers have exposed HazyBeacon, a stealthy APT campaign targeting Southeast Asian governments that uses AWS Lambda Function URLs as...
Cybercrime
TeamPCP Poisons Microsoft’s Official Python DurableTask SDK — Multi-Cloud Credential Worm Hits PyPI
27 May 2026 dark6
The TeamPCP threat group has compromised three consecutive versions of Microsoft's official Python DurableTask SDK on PyPI, injecting a worm-like...
Ransomware
Amazon S3 buckets targeted by new ransomware attacks
13 January 2025 securebulletin.com
A new wave of ransomware attacks has emerged, targeting Amazon Web Services (AWS) by exploiting its Server-Side Encryption with Customer...
Malware
Safeguarding Your Cloud Resources: Defending Against Muddled Libra Threats
10 April 2024 dark6
In response to the evolving tactics of threat actors like Muddled Libra, organizations must prioritize robust cybersecurity measures to safeguard...