Chrome Ad Blocker 10M Installs: Script Injection Risk
June 26, 2026
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
June 26, 2026
A recently patched vulnerability in Amazon Web Services (AWS) has been found to have enabled malicious actors to steal cloud credentials via compromised repositories. According to reports, the issue was linked to an AWS service called AWS CodeBuild. AWS CodeBuild is a cloud-based build service used to automate code compilation and testing.
The flaw, known as an ” AWS Q” vulnerability, allowed attackers to steal AWS credentials from users who cloned malicious repositories. Once the attackers had access to the repository, they could use AWS services without being detected, making it easier to carry out further malicious activities. The potential impact of this issue is significant, as it could have allowed unauthorized access to sensitive data.
Amazon has since patched the vulnerability and issued a warning to customers about the potential impact of the issue. Users are advised to review their AWS configurations to minimize any potential risk associated with the flaw.
