Saved February 14, 2026
This article details a cloud attack where a threat actor gained administrative access to an AWS environment in under 10 minutes, utilizing stolen credentials from public S3 buckets. The attacker leveraged large language models to automate tasks such as reconnaissance and malicious code generation, ultimately compromising multiple AWS principals.
On November 28, 2025, the Sysdig Threat Research Team (TRT) reported a cloud attack where an adversary gained administrative access to an AWS environment in under 10 minutes. The threat actor exploited stolen credentials found in public S3 buckets, which were likely meant for AI model training. They escalated privileges through Lambda function code injection, moving laterally across 19 AWS principals and utilizing tools like Amazon Bedrock for LLMjacking, which enabled them to automate various steps of the attack.
The initial access came from valid test credentials linked to an Identity and Access Management (IAM) user with extensive permissions. The attacker conducted reconnaissance across multiple AWS services, including Secrets Manager and CloudWatch, to map out resources. They also targeted AI-related services, demonstrating a clear focus on exploiting AI tools and data. During this reconnaissance phase, they identified potential administrative roles and attempted privilege escalation.
Privilege escalation was achieved by modifying a Lambda function to inject malicious code, which allowed the attacker to list IAM users and create new access keys for an admin user named "frick." The code executed efficiently and included comments in Serbian, hinting at the attacker's origin. This quick sequence of actions, from credential theft to Lambda execution, showcased the threat actor's ability to leverage automation and AI tools effectively.
The attack illustrated several recurring weaknesses in cloud environments, above all the practice of storing access keys in public buckets. The Sysdig TRT emphasized the need for organizations to adopt IAM roles with temporary credentials instead of long-term keys, and to monitor for suspicious patterns such as extensive resource enumeration across many services. This incident serves as a stark reminder of the evolving threat landscape and the importance of proactive security measures.
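As an added defender-side example, not code from the Sysdig write-up, the following Python applies the two detection ideas the article points at (broad enumeration across many services by one principal, and a sensitive IAM write shortly after a Lambda code change) to a handful of constructed CloudTrail-style records. The account ID, principal ARNs and the function name `example-fn` are placeholders; only the user name "frick" comes from the article. The second check deliberately does not require the IAM write to come from the same principal as the code change, because code injected into a function runs under the function's execution role rather than the user who uploaded it.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed CloudTrail-style records for illustration (not real incident logs).
# Account id, ARNs and function name are placeholders; "frick" is the user named in the write-up.
SAMPLE_LOG = """
{"eventTime":"2025-11-28T10:00:05Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:00:20Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:00:35Z","eventSource":"iam.amazonaws.com","eventName":"ListRoles","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:00:50Z","eventSource":"secretsmanager.amazonaws.com","eventName":"ListSecrets","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:01:00Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","userIdentity":{"arn":"arn:aws:iam::111122223333:user/ops-admin"}}
{"eventTime":"2025-11-28T10:01:10Z","eventSource":"logs.amazonaws.com","eventName":"DescribeLogGroups","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:01:30Z","eventSource":"bedrock.amazonaws.com","eventName":"ListFoundationModels","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:01:50Z","eventSource":"lambda.amazonaws.com","eventName":"ListFunctions","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:02:05Z","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:02:20Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:02:30Z","eventSource":"lambda.amazonaws.com","eventName":"GetFunction","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"}}
{"eventTime":"2025-11-28T10:04:00Z","eventSource":"lambda.amazonaws.com","eventName":"UpdateFunctionCode","userIdentity":{"arn":"arn:aws:iam::111122223333:user/test-user"},"requestParameters":{"functionName":"example-fn"}}
{"eventTime":"2025-11-28T10:04:40Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","userIdentity":{"arn":"arn:aws:sts::111122223333:assumed-role/example-fn-role/example-fn"}}
{"eventTime":"2025-11-28T10:05:10Z","eventSource":"iam.amazonaws.com","eventName":"CreateAccessKey","userIdentity":{"arn":"arn:aws:sts::111122223333:assumed-role/example-fn-role/example-fn"},"requestParameters":{"userName":"frick"}}
"""

READ_PREFIXES = ("List", "Describe", "Get")
# IAM writes that hand out or widen credentials; worth correlating with any recent code change.
SENSITIVE_IAM = {"CreateAccessKey", "CreateUser", "AttachUserPolicy", "PutUserPolicy", "CreateLoginProfile"}


def parse_events(log_text):
    """Parse newline-delimited JSON records and sort them by eventTime."""
    events = []
    for line in log_text.strip().splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["_time"] = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(ev)
    events.sort(key=lambda e: e["_time"])
    return events


def find_enumeration_bursts(events, min_calls=8, min_services=4, window=timedelta(minutes=5)):
    """Per principal, slide a time window over read-only calls and report the densest
    window that also spans many distinct services (the recon pattern described above)."""
    by_principal = defaultdict(list)
    for ev in events:
        if ev["eventName"].startswith(READ_PREFIXES):
            by_principal[ev["userIdentity"]["arn"]].append(ev)
    findings = []
    for arn, evs in by_principal.items():  # evs is already time-ordered
        start, best = 0, None
        for end in range(len(evs)):
            while evs[end]["_time"] - evs[start]["_time"] > window:
                start += 1
            chunk = evs[start:end + 1]
            services = {e["eventSource"] for e in chunk}
            if len(chunk) >= min_calls and len(services) >= min_services:
                if best is None or len(chunk) > best["calls"]:
                    best = {"principal": arn, "calls": len(chunk), "services": sorted(services)}
        if best:
            findings.append(best)
    return findings


def find_code_change_then_iam_write(events, window=timedelta(minutes=30)):
    """Flag a sensitive IAM write landing within `window` after any Lambda UpdateFunctionCode,
    regardless of principal: injected code runs as the function's execution role."""
    code_changes = [e for e in events
                    if e["eventSource"] == "lambda.amazonaws.com" and e["eventName"] == "UpdateFunctionCode"]
    findings = []
    for ev in events:
        if ev["eventSource"] != "iam.amazonaws.com" or ev["eventName"] not in SENSITIVE_IAM:
            continue
        for cc in code_changes:
            delta = ev["_time"] - cc["_time"]
            if timedelta(0) <= delta <= window:
                findings.append({
                    "iam_action": ev["eventName"],
                    "target_user": ev.get("requestParameters", {}).get("userName"),
                    "iam_principal": ev["userIdentity"]["arn"],
                    "function": cc.get("requestParameters", {}).get("functionName"),
                    "code_change_principal": cc["userIdentity"]["arn"],
                    "seconds_after_code_change": int(delta.total_seconds()),
                })
    return findings


def analyze(log_text):
    events = parse_events(log_text)
    return {"enumeration_bursts": find_enumeration_bursts(events),
            "code_change_then_iam_write": find_code_change_then_iam_write(events)}


if __name__ == "__main__":
    print(json.dumps(analyze(SAMPLE_LOG), indent=2))
```

On the sample, the first check reports `test-user` with ten read calls across eight services inside a five-minute window, while `ops-admin`, with a single DescribeInstances, stays quiet; the second links the CreateAccessKey for "frick", issued by the function's role, to the UpdateFunctionCode on `example-fn` seventy seconds earlier. Thresholds are deliberately low for the toy data; on real CloudTrail volume they should be tuned per account and the role ARNs of CI/CD systems allow-listed.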