[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:cert-eu-european-commission-hack-exposes-data-of-30-eu-entities-mnkcn0gz":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":16,"article_ids":17,"ioc_summary":19,"source_urls":20,"status":22,"expires_at":23,"created_at":24,"updated_at":25,"articles":26},"3f5b6153-f077-44fa-b601-c85710ca228a","CERT-EU: European Commission hack exposes data of 30 EU entities","cert-eu-european-commission-hack-exposes-data-of-30-eu-entities-mnkcn0gz","TeamPCP compromised an AWS API key stolen from the Trivy supply-chain attack to breach the European Commission's cloud environment on March 10, exposing 90GB of data including personal information and emails from 42 Commission clients and 29+ other EU entities now leaked on the dark web. If your organization uses AWS and pulled compromised Trivy versions, your credentials may be at risk. Verify API key rotation and audit cloud access logs for unauthorized activity.","critical","advisory",[],[13,14,15],"Amazon Web Services","European Commission","LiteLLM","Audit all AWS API keys and service account credentials for creation dates around the Trivy compromise window. Rotate any keys created or last rotated before March 10. Search CloudTrail logs for API calls from unfamiliar source IPs and disabled MFA sessions.",[18],"57b6d2db-512a-4da8-8547-d10e9b03176a",null,[21],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fcert-eu-european-commission-hack-exposes-data-of-30-eu-entities\u002F","archived","2026-04-06T13:09:13.862+00:00","2026-04-04T13:09:16.529267+00:00","2026-04-06T14:08:05.246264+00:00",[27],{"id":18,"title":6,"url":21}]