The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories before fixes in Sep 2025.
Infosecurity Magazine

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, including the JavaScript SDK that underpins the AWS Console.
Bleeping Computer

Twilio exposes SDK, attackers inject it with malvertising code

Twilio today disclosed that its TaskRouter JS SDK was compromised by attackers after they gained access to one of its misconfigured Amazon AWS S3 buckets which left the SDK's path publicly readable ...
TechRepublic

Hacker Exposes Amazon Q Security Flaws Using Covert Code

Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. Image: AWS A threat actor managed to insert a data-wiping prompt into Amazon’s AI coding assistant Q in July, ...