The Hacker News
@thehackernews
�� Attackers turned the nx npm supply-chain compromise into full AWS admin access in under 72 hours.
Google says UNC6426 stole a developer’s GitHub token via QUIETVAULT, abused GitHub-to-AWS OIDC trust, created a new admin role, then accessed S3 data and destroyed production systems.
�� Read → https://thehackernews.com/2026/03/unc6426-exploits-nx-npm-supply-chain.html
Google says UNC6426 stole a developer’s GitHub token via QUIETVAULT, abused GitHub-to-AWS OIDC trust, created a new admin role, then accessed S3 data and destroyed production systems.
�� Read → https://thehackernews.com/2026/03/unc6426-exploits-nx-npm-supply-chain.html
👍 7
⚡ 3
23 8.8K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram