Twilio: Someone waltzed into our unsecured AWS S3 silo, added dodgy code to our JavaScript SDK

Discussion in 'other security issues & news' started by guest, Jul 21, 2020.

  1. guest

    guest Guest

    Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK
    API dev kit remained modified for hours, says source
    July 21, 2020

    https://www.theregister.com/2020/07/21/twilio_sdk_code_injection/
     
  2. guest

    guest Guest

    Updated (July 22, 2020):
     
  3. guest

    guest Guest

    Misconfigured S3 exposes Twilio users to Magecart attack
    July 23, 2020
    https://www.scmagazine.com/home/sec...d-s3-exposes-twilio-users-to-magecart-attack/
     
  4. guest

    guest Guest

    Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands
    July 24, 2020
    https://www.cyberscoop.com/twilio-hack-breach-s3-buckets-magecart/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.