来自MSN

AWS systems targeted by crypto mining scam using hijacked IAM credentials

Attackers used stolen high‑privilege IAM credentials to rapidly deploy large‑scale cryptomining on EC2 and ECS They launched GPU‑heavy auto‑scaling groups, malicious Fargate containers, new IAM users, ...
Bleeping Computer

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management ...