These risk actors had been then in the position to steal AWS session tokens, the temporary keys that help you request temporary qualifications to the employer??s AWS account. By hijacking active tokens, the attackers had been in a position to bypass MFA controls and obtain usage of Risk-free Wa