Originally published by Astrix.Massive NHI Attack: Insecure AWS Stored Credentials Lead to Compromise of 230 Million Cloud Environments. Researchers from Unit 42 have uncovered a sophisticated and large-scale cyberattack targeting over 230 million AWS, cloud and SaaS environments. The attack exploited exposed environment variable files (.env) commonly stored insecurely on web servers. These files contained sensitive credentials, including AWS keys, database passwords, and API tokens, which th…
