UNC6426 hackers turned a routine NPM update into a direct path to full AWS administrator access in under 72 hours, highlighting how fragile CI/CD-to-cloud trust can become when roles are overly permissive.”‹ When a developer at the victim organization updated or installed the affected package via a code editor plugin, the postinstall script silently executed […] The post UNC6426 Hackers Exploit NPM Package to Gain AWS Admin Access in 72 Hours appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/npm-package-exploited/
