Dark Reading

AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Thousands of customer-facing Android and iOS mobile apps — including banking apps — have been found to contain hardcoded Amazon Web Services (AWS) credentials that would allow cyberattackers to steal ...
ZDNet

New tool detects AWS intrusions where hackers abuse self-replicating tokens

Security firm CyberArk has released a new tool called SkyWrapper that can detect a certain class of intrusions and malicious activity inside AWS (Amazon Web Services) computing environments. These ...
Ars Technica

Credentials for thousands of open source projects free for the taking—again!

A service that helps open source developers write and test software is leaking thousands of authentication tokens and other security-sensitive secrets. Many of these leaks allow hackers to access the ...