Bleeping Computer

Cryptojacking worm steals AWS credentials from Docker systems

A cybercrime group known as TeamTNT is using a crypto-mining worm to steal plaintext AWS credentials and config files from compromised Docker and Kubernetes systems. TeamTNT's cryptocurrency mining ...
Threat Post

AWS Cryptojacking Worm Spreads Through the Cloud

The malware harvests AWS credentials and installs Monero cryptominers. A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
Hosted on MSN

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets ...
Yahoo

AWS customers hit by major cyberattack which then stored stolen credentials in plain sight

Misconfigured cloud instances have once again been abused to steal sensitive information such as login credentials, API keys, and more. This time around, the victims were countless Amazon Web Services ...