Bleeping Computer

Malicious PyPI package with 37,000 downloads steals AWS keys

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...
HotHardware

Severe Amazon ECR Public Gallery Flaw Could Have Facilitated Massive Supply Chain Attack

A researcher at the cloud security company Lightspin recently discovered a flaw in the Amazon Web Services (AWS) Elastic Container Registry (ECR) Public Gallery that threat actors could have exploited ...
InfoQ

AWS Launches Lambda SnapStart for Python and .NET Functions

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Senyo Simpson discusses how Rust's core ...
Bleeping Computer

Amazon ECR Public Gallery flaw could have wiped or poisoned any image

A severe security flaw in the Amazon ECR (Elastic Container Registry) Public Gallery could have allowed attackers to delete any container image or inject malicious code into the images of other AWS ...