In 2025, Mandiant uncovered a sophisticated attack by the threat group UNC6426 that exploited a compromised NPM package to gain full control of a client’s AWS cloud environment in under 72 hours. This breach highlights the growing dangers of supply-chain attacks and misconfigured cloud environments, particularly in automated pipelines. Continuous Integration / Continuous Delivery (CI/CD) […] The post UNC6426 Turns NPM Supply‑Chain Breach Into Full AWS Admin Access appeared first on Cyber Security News.