How recruitment fraud turned cloud IAM into a $2 billion attack surface
via crowdstrike.com
Short excerpt below. Read at the original source.
A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. That package exfiltrates all cloud credentials from the developer’s machine — GitHub personal access tokens, AWS API keys, Azure service principals and more — and the adversary is inside the cloud environment within […]