I FORGOT TO SHOW THE TWO CHARACTERS;  HERE THEY ARE
https://github.com/aws/aws-sdk-js-v3/pull/7280

https://twitch.tv/ThePrimeagen - I Stream on Twitch

https://twitter.com/terminaldotshop - Want to order coffee over SSH?
ssh terminal.shop

Become Backend Dev: https://boot.dev/prime
(plus i make courses for them)

This is also the best way to support me is to support yourself becoming a better backend engineer.  

## Links
https://x.com/yuvalavra/status/2011842613389726109
https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild
https://github.com/aws/aws-sdk-js-v3
https://nx.dev/blog/s1ngularity-postmortem


Great News?  Want me to research and create video????: https://www.reddit.com/r/ThePrimeagen

Kinesis Advantage 360: https://bit.ly/Prime-Kinesis

Primeagen's resource offers insights, tutorials, and resources for software developers and technology enthusiasts. Readers can learn about productivity hacks, career development strategies, and personal growth. With articles, videos, and practical advice, Primeagen provides  guidance and expertise for achieving professional success and fulfillment.

ThePrimeTime

A critical security vulnerability in the AWS SDK for JavaScript v3 repository was discovered by white hat hackers. The flaw existed in AWS CodeBuild's webhook configuration, where actor IDs were validated using a regex with pipe separators instead of proper delimiters. This allowed attackers to create GitHub accounts with IDs containing substrings matching authorized IDs, gaining unauthorized access to CI jobs. Once inside, attackers could exfiltrate privileged GitHub tokens and npm credentials, potentially compromising the entire SDK and its users. The vulnerability highlights recurring issues with CI/CD security and regex misconfigurations.

hacked by 2 characters