Twilio: Someone waltzed into our unsecured AWS S3 silo, added dodgy code to our JavaScript SDK

Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK
API dev kit remained modified for hours, says source
July 21, 2020
https://www.theregister.com/2020/07/21/twilio_sdk_code_injection/

 

Updated (July 22, 2020):

 

Misconfigured S3 exposes Twilio users to Magecart attack
July 23, 2020
https://www.scmagazine.com/home/sec...d-s3-exposes-twilio-users-to-magecart-attack/

 

Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands
July 24, 2020
https://www.cyberscoop.com/twilio-hack-breach-s3-buckets-magecart/