An ongoing campaign has been observed targeting Amazon Web
Services (AWS) customers using compromised Identity and Access
Management (IAM) credentials to enable cryptocurrency mining. The
activity, first detected by Amazon's GuardDuty managed threat
detection service and its automated security monitoring systems on
November 2, 2025, employs never-before-seen persistence techniques
to hamper
Read more https://thehackernews.com/2025/12/compromised-iam-credentials-power-large.html
