威胁组织UNC6426通过利用nx npm包供应链攻击窃取的密钥，在72小时内完全入侵受害者的云环境。攻击从窃取开发者GitHub令牌开始，攻击者随后利用GitHub到AWS的OIDC信任关系创建新的管理员角色。他们滥用该角色从AWS S3存储桶中窃取文件，并在生产云环境中进行数据破坏。

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.

Terra Security, a pioneer in Agentic Offensive Security, announced today the appointment of Anna Sarnek as Vice President of Business & Strategy. Sarnek has served as a strategic advisor to Terra over ...

The autonomous vehicle company taps the former Meta CFO as it prepares to launch driverless trucks and scale production this year.

Pegasystems Inc. (NASDAQ: PEGA), The Enterprise Transformation Company TM, today announced keynote speakers for PegaWorld 2026, Pega’s annual conference to be held at the MGM Grand in Las Vegas, NV, ...

Missile strikes damage AWS UAE data centers, disrupting banking and delivery apps across Dubai and the wider Emirates.

The four US Army reserve soldiers were killed in a drone strike in Kuwait on Sunday, one day after the US and Israel began ...

The AWS SDK for JavaScript v3 is a rewrite of v2 with some great new features. As with version 2, it enables you to easily work with Amazon Web Services, but has a modular architecture with a separate ...

Amazon Web Services ended 2025 with its strongest quarterly growth rate in more than three years. The company reported Thursday that its cloud service business recorded $35.6 billion in revenue in the ...

Written by Rich Mogull, Chief Analyst, CSA. Amazon just launched the European Sovereign Cloud. It’s an important milestone, but enterprises need to know the limits. On January 15, 2026, Amazon Web ...