THREATOPS
THREAT OPSThreat News › Behind the console: Active phishing campaign targeting AWS console credentials

Behind the console: Active phishing campaign targeting AWS console credentials

infodatadog_seclabsPublished 2026-03-09

Datadog Security Research identified an active adversary-in-the-middle (AiTM) phishing campaign targeting AWS Console credentials via typosquatted domains that mimic AWS infrastructure.

MITRE ATT&CK techniques

Original source: https://securitylabs.datadoghq.com/articles/behind-the-console-aws-aitm-phishing-campaign/