AI-Powered Cloud Breach: How UNC6426 Stole Keys, Hijacked AWS, and Destroyed Data in 72 Hours

In a chilling demonstration of how modern cyberattacks are evolving, a sophisticated threat actor known as UNC6426 orchestrated a lightning-fast supply chain attack that went from stolen credentials to full cloud compromise in just 72 hours. This isn’t your grandfather’s ransomware—this is AI-powered, precision-targeted cyber warfare that exploits the very tools developers trust every day.

The Supply Chain Exploit That Started It All

The attack began in August 2025 when UNC6426 exploited a critical vulnerability in GitHub’s pull_request_target workflow—a technique security researchers have dubbed “Pwn Request.” This attack vector allowed the threat actors to compromise the popular nx npm package, a tool used by thousands of development teams worldwide.

By weaponizing this workflow, the attackers gained elevated privileges and pushed trojanized versions of the nx package to the npm registry. These malicious packages contained a postinstall script that deployed a sophisticated JavaScript credential stealer called QUIETVAULT.

The Silent Infiltration

QUIETVAULT wasn’t your typical malware. This credential stealer leveraged the developer’s own Large Language Model (LLM) tools—like ChatGPT or Claude—that were already installed on the endpoint. By using these trusted AI assistants, QUIETVAULT could search through environment variables, system information, and most critically, GitHub Personal Access Tokens (PATs) without triggering traditional security alerts.

The stolen data was exfiltrated to a public GitHub repository named “/s1ngularity-repository-1”, giving the attackers a foothold that would prove devastating.

From Developer Machine to Cloud Dominance

Two days after the initial compromise, UNC6426 launched reconnaissance operations using a legitimate open-source tool called Nord Stream. This tool allowed them to extract secrets from CI/CD environments, leaking credentials for a GitHub service account.

With these credentials in hand, the attackers used Nord Stream’s “–aws-role” parameter to generate temporary AWS Security Token Service (STS) tokens for the “Actions-CloudFormation” role. This single step gave them initial access to the victim’s AWS environment.

But here’s where the attack became truly devastating: the compromised “Github-Actions-CloudFormation” role was overly permissive. Google Cloud’s Threat Horizons Report for H1 2026 noted that this misconfiguration was the critical vulnerability that allowed the attack to escalate so rapidly.

The 72-Hour Cloud Takeover

In less than three days, UNC6426 transformed from having a single stolen token to possessing full AWS administrator permissions. They achieved this by deploying a new AWS CloudFormation stack with capabilities including “CAPABILITY_NAMED_IAM” and “CAPABILITY_IAM”. This stack’s sole purpose was to create a new IAM role with arn:aws:iam::aws:policy/AdministratorAccess attached.

With administrator privileges secured, the attackers launched a systematic destruction campaign:

• Enumerated and accessed objects within Amazon S3 buckets
• Terminated production EC2 instances across multiple regions
• Destroyed RDS databases with critical business data
• Decrypted application keys and sensitive credentials
• Renamed all internal GitHub repositories to “/s1ngularity-repository-[randomcharacters]” and made them public

The speed and precision of this attack left the victim organization reeling, with production systems offline and sensitive data exposed within hours.

The AI Factor: A New Era of Supply Chain Attacks

What makes this attack particularly concerning is the role of artificial intelligence in the execution. Security firm Socket has identified this as an AI-assisted supply chain abuse, where malicious intent is expressed through natural-language prompts rather than traditional code injection or network callbacks.

“As AI assistants become more integrated into developer workflows, they also expand the attack surface,” Socket warned. “Any tool capable of invoking them inherits their reach.”

This represents a fundamental shift in cybersecurity. Traditional detection methods that look for suspicious network traffic or known malware signatures are blind to attacks that leverage legitimate AI tools already present on the system.

Expert Recommendations: How to Defend Against AI-Powered Attacks

Security experts are urging organizations to implement multiple layers of defense:

1. Package Manager Controls: Use package managers that prevent postinstall scripts or implement sandboxing tools to isolate package execution.

2. Principle of Least Privilege: Apply PoLP rigorously to CI/CD service accounts and OIDC-linked roles, ensuring no account has more permissions than absolutely necessary.

3. Fine-Grained PATs: Enforce personal access tokens with short expiration windows and specific repository permissions rather than broad, long-lived tokens.

4. Remove Standing Privileges: Eliminate permanent high-risk permissions like the ability to create administrator roles. Require just-in-time elevation for critical operations.

5. Monitor IAM Activity: Implement anomaly detection for IAM activity, watching for unusual role creation, permission escalation, or cross-account access patterns.

6. Shadow AI Controls: Establish strong controls to detect and prevent unauthorized AI agent execution in development environments.

7. Supply Chain Security: Implement comprehensive software supply chain security measures, including dependency scanning and integrity verification for all packages.

The Broader Implications

This attack demonstrates how modern threat actors are combining multiple sophisticated techniques: supply chain compromise, AI-assisted execution, cloud privilege escalation, and data destruction. It’s not just about stealing data anymore—it’s about causing maximum disruption and demonstrating capability.

The use of legitimate tools like Nord Stream and the exploitation of AI assistants already present on developer machines shows that attackers are evolving faster than many organizations’ security postures. Traditional perimeter defenses are irrelevant when the attack originates from within trusted development environments.

The Future of Cybersecurity

As organizations increasingly rely on cloud infrastructure and AI-assisted development tools, the attack surface continues to expand. The UNC6426 incident serves as a wake-up call: the next generation of cyberattacks won’t look like anything we’ve seen before.

Security teams must adapt by implementing defense-in-depth strategies that account for AI-powered attacks, supply chain vulnerabilities, and the reality that attackers may already have access to the same tools and capabilities that legitimate developers use every day.

The 72-hour timeline from compromise to complete cloud takeover isn’t just a technical achievement—it’s a demonstration of how quickly modern organizations can be brought to their knees when multiple security layers fail simultaneously.

tags

Cybersecurity #CloudSecurity #AIAttack #SupplyChainAttack #AWSBreach #GitHubSecurity #Malware #CyberThreat #DataBreach #SecurityIncident #TechNews #DevSecOps #CloudCompromise #UNC6426 #QUIETVAULT #NordStream #OIDCAbuse #IAMSecurity #S3Breach #EC2Attack #RDSDestruction #ShadowAI #PackageManagerSecurity #PrincipleOfLeastPrivilege #SecurityBreach #CyberAttack #DataDestruction #CloudThreat #SecurityVulnerability #CyberSecurityNews

oracionesvirales

AI-powered attack takes over cloud in 72 hours
Threat actors exploit GitHub workflows to steal AWS keys
Supply chain attack uses legitimate AI tools for infiltration
Developer tools turned against organizations in sophisticated breach
Cloud environment destroyed in lightning-fast cyberattack
Security researchers warn of AI-assisted malware evolution
Organizations scrambling to defend against new attack vectors
GitHub tokens become gateway to complete cloud compromise
Attackers leverage LLM tools to bypass traditional security
Cloud security experts call for immediate defensive measures
AI agents expand attack surface beyond traditional detection
Security teams face unprecedented challenges in modern threat landscape
Supply chain vulnerabilities create cascading security failures
Organizations must rethink cloud security architecture
Attack demonstrates speed and sophistication of modern cyber threats
Security community mobilizes to address AI-powered attack techniques
Cloud environments vulnerable to insider-like attacks from external actors
Traditional security tools ineffective against AI-assisted malware
Organizations warned to implement defense-in-depth strategies immediately
Cyberattack timeline reveals critical security gaps in cloud infrastructure

,