Amazon Web Services

Malicious PyPI package with 37,000 downloads steals AWS keys

November 10, 2024November 10, 2024 geekfeed0Tagged Amazon Web Services, Amazon Web Services credentials, AWS, AWS keys, Credential Theft, malicious Python package, PyPI, Python, Python Package Index

A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to application security company Socket, the package has been downloaded more than 37,000 times and executes platform-specific scripts for Windows and Linux. The large number of downloads is accounted by fabrice typosquatting the […]

2 mins read

AWS, Azure auth keys found in Android and iOS apps used by millions

October 23, 2024October 23, 2024 geekfeed0Tagged Amazon Web Services, android, apple, AWS, Azure, Cloud, Exposed, ios, iphone, Microsoft Azure, mobile

Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. Exposing this type of credentials can easily lead to unauthorized access to storage buckets and databases with sensitive user data. Apart from […]

3 mins read