https://cybercrime.club/tags/aws/Recent content in Aws on cybercrime.clubHugoen-usSat, 04 Apr 2026 06:09:10 -0400https://cybercrime.club/posts/european-commission-trivy-supply-chain-breach/Sat, 04 Apr 2026 06:09:10 -0400https://cybercrime.club/posts/european-commission-trivy-supply-chain-breach/<h2 id="what-happened">What Happened</h2> <p>The European Commission has confirmed a significant data breach originating from the <a href="https://cybercrime.club/posts/teampcp-supply-chain-cascade-vect-ransomware/">TeamPCP supply chain attack</a> we covered earlier this week. CERT-EU published findings on April 3 attributing the intrusion to TeamPCP for the initial access and ShinyHunters for the subsequent data exfiltration and public leak.</p> <p>The bottom line: the Commission&rsquo;s CI/CD infrastructure downloaded a poisoned copy of the Trivy vulnerability scanner after the March 19 compromise. That gave TeamPCP an AWS API key, which they used to pivot into the Commission&rsquo;s cloud accounts and extract approximately 92 GB of compressed data. ShinyHunters then published the dump online after extortion demands went unanswered.</p>