These risk actors had been then capable of steal AWS session tokens, the short-term keys that let you request short-term credentials for your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and gain usage of Secure Wallet ??s AWS account. By timing their efforts to coincide with the developer??s