Attackers gained initial access to an AWS environment via credentials found in public S3 buckets and, using AI to speed operations, escalated privileges in under eight minutes, moving laterally across 19 AWS principals. The intrusion occurred on 28 November 2025, with the threat actor leveraging large language models to automate reconnaissance, generate code, and make real‑time decisions, according to the Sysdig Threat Research Team.
After replacing code in a Lambda function named EC2-init, the attackers accessed an account for a user named “frick”, who had admin privileges, and they used Lambda code injection to iterate their target. They also provisioned GPU instances on EC2 for model development and abused Amazon Bedrock for LLMjacking to access cloud‑hosted models, with cross‑region inference used to distribute model invocations across AWS regions.
The report notes that the credentials involved had only ReadOnlyAccess, highlighting the risk of leaving access keys exposed in public buckets, a point echoed by experts who emphasise the need for least‑privilege enforcement and runtime detection. This incident underlines how AI‑assisted techniques can dramatically accelerate breach speed and lateral movement, according to Elizabeth Montalbano, who covers the story for Dark Reading.
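As an added illustration of the runtime detection mentioned above (not code from Sysdig or Dark Reading), the following Python sketch triages CloudTrail-style records for two behaviours described in the report: a Lambda code update followed by activity under several identities, and Bedrock invocations spread across regions. Correlating by source IP, the thresholds, and all sample records are assumptions made for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta
WINDOW = timedelta(minutes=10)  # assumed correlation window
MAX_PRINCIPALS = 3              # assumed: identities one source may use in WINDOW
MAX_BEDROCK_REGIONS = 2         # assumed: regions one source may invoke models in

def _ts(e):
    return datetime.strptime(e["eventTime"], "%Y-%m-%dT%H:%M:%SZ")

def _is_code_update(e):
    return (e["eventSource"] == "lambda.amazonaws.com"
            and e["eventName"].startswith("UpdateFunctionCode"))

def triage(events):
    """Return {source_ip: [signal, ...]} for sources that trip a signal."""
    by_src = defaultdict(list)
    for e in events:
        by_src[e["sourceIPAddress"]].append(e)
    findings = {}
    for src, evs in by_src.items():
        signals = []
        for u in filter(_is_code_update, evs):
            # Identities used from this source within WINDOW after the code change.
            arns = {e["userIdentity"]["arn"] for e in evs
                    if timedelta(0) <= _ts(e) - _ts(u) <= WINDOW}
            if len(arns) > MAX_PRINCIPALS:
                signals.append(f"lambda-update-then-{len(arns)}-principals")
                break
        regions = {e["awsRegion"] for e in evs
                   if e["eventSource"] == "bedrock.amazonaws.com"
                   and e["eventName"].startswith("InvokeModel")}
        if len(regions) > MAX_BEDROCK_REGIONS:
            signals.append(f"bedrock-invoke-{len(regions)}-regions")
        if signals:
            findings[src] = signals
    return findings

def _ev(t, source, ip, name, arn, region="us-east-1"):
    return {"eventTime": t, "eventSource": source, "sourceIPAddress": ip,
            "eventName": name, "awsRegion": region, "userIdentity": {"arn": arn}}

# Constructed CloudTrail-style records (documentation IPs, placeholder account id).
A, BAD, OK = "arn:aws:iam::111122223333:user/", "198.51.100.7", "203.0.113.20"
UPD = "UpdateFunctionCode20150331v2"
SAMPLE = (
    [_ev("2025-01-01T10:00:00Z", "lambda.amazonaws.com", BAD, UPD, A + "example-0")]
    + [_ev(f"2025-01-01T10:0{i}:00Z", "iam.amazonaws.com", BAD, "ListUsers", f"{A}example-{i}") for i in (2, 4, 6)]
    + [_ev("2025-01-01T10:07:00Z", "bedrock.amazonaws.com", BAD, "InvokeModel", A + "example-6", r) for r in ("us-east-1", "us-west-2", "eu-west-1")]
    + [_ev("2025-01-01T11:00:00Z", "lambda.amazonaws.com", OK, UPD, A + "deployer")]
)
```

Calling `triage(SAMPLE)` flags only the first source; the routine deployment from the second address trips neither signal.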