UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Threat actor UNC6426 leveraged stolen keys from the nx npm package supply chain compromise to breach a victim's cloud environment within 72 hours — stealing a GitHub token, abusing OIDC trust to create AWS admin roles, and exfiltrating S3 data.