Pen Test Partners

Compromising a multi-cloud environment from a single exposed secret

TL;DR Introduction In practice, it is still hard to keep secrets safe in the cloud. All major cloud service providers have ...
Cybernews

AWS dodges massive cyber disaster: every account was in danger

Wiz Research discovered and responsibly disclosed a critical vulnerability in AWS CodeBuild that could have led to a massive platform-wide compromise.
Bleeping Computer

Hackers ramp up scans for leaked Git tokens and secrets

Threat actors are intensifying internet-wide scanning for Git configuration files that can reveal sensitive secrets and authentication tokens used to compromise cloud services and source code ...