Researchers at Palo Alto’s Unit 42 have confirmed that they have compromised a customer’s AWS cloud account with thousands of workloads using a misconfigured identity and access management (IAM) role.
https://www.scmagazine.com/home/security-news/cloud-security/attackers-can-abuse-a-misconfigured-iam-role-across-16-aws-services/