AWS Compromised by AI Agents in Minutes by Alex Groyz

This report documents an observed AWS compromise that progressed from exposed credentials to full administrative control in eight minutes by leveraging valid IAM keys, AI-assisted automated reconnaissance, and abuse of an existing Lambda function to programmatically create admin credentials; it emphasizes that the attack used legitimate APIs and permissions, and recommends identity-centric behavioral detection and automated response to interrupt such fast-moving cloud intrusions.