Default AWS Credential Caching Puts 98% of Cloud Resources at Risk

A cached AWS access key was stored on a single Windows machine after a user logged in, following standard AWS behavior without misconfiguration or policy violations. The key, accessible to a low-level attacker, could have compromised up to 98% of the company’s cloud-based entities. No specific threat actor, timeline, or CVE identifiers were mentioned in the incident. The risk stemmed from default credential caching mechanisms rather than explicit security failures. The impact involved potential unauthorized access to nearly all cloud resources within the affected organization.