8
How recruitment fraud turned cloud IAM into a $2 billion attack surface (venturebeat.com)
submitted 19 hours ago by codeinabox@programming.dev to c/security@programming.dev
1 comments fedilink hide all child comments

A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. That package exfiltrates all cloud credentials from the developer’s machine — GitHub personal access tokens, AWS API keys, Azure service principals and more — are exfiltrated, and the adversary is inside the cloud environment within minutes.

top 1 comments
sorted by: hot top new old
[-] theit8514@lemmy.world 3 points 17 hours ago

Kinda shocks me that most of these cli apps still have no method of securing these credentials. No encryption with passphrase, no integration with password/secret managers. Just a plaintext credentials file in a static location.

this post was submitted on 06 Feb 2026
8 points (100.0% liked)

Security

1977 readers
9 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 2 years ago