{"id":36200,"date":"2020-07-21T23:10:17","date_gmt":"2020-07-21T23:10:17","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/"},"modified":"2020-07-21T23:10:17","modified_gmt":"2020-07-21T23:10:17","slug":"twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/","title":{"rendered":"Twilio: Someone broke into our unsecured AWS S3 silo, added &#8216;non-malicious&#8217; code to our JavaScript SDK"},"content":{"rendered":"<p><strong class=\"trailer\">Exclusive<\/strong> Twilio today confirmed one or more miscreants sneaked into its unsecured cloud storage systems and modified a copy of the JavaScript SDK used by its customers.<\/p>\n<p>The cloud communications giant detailed the intrusion to <i>The Register<\/i> after we were tipped off to the security blunder by a source who wished to remain anonymous. In short, someone was able to get into Twilio&#8217;s Amazon Web Services S3 bucket, which was left unprotected and world-writable, and alter the <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.twilio.com\/docs\/taskrouter\/js-sdk\">TaskRouter v1.20 SDK<\/a> to include &#8220;non-malicious&#8221; code that appeared designed primarily to track whether or not the modification worked.<\/p>\n<p>&#8220;Twilio believes the security of our customers&#8217; accounts is of paramount importance,&#8221; a spokesperson told us.<\/p>\n<p>&#8220;We can confirm that the TaskRouter v1.20 SDK contained a non-malicious modification inserted by an external third party due to a misconfigured S3 bucket. We became aware of the incident and immediately worked to close the S3 misconfiguration and audit all S3 buckets.<\/p>\n<p>&#8220;These measures were implemented within 12 hours to resolve the issue. We have no evidence at this time that any customer data was accessed by a bad actor. Furthermore, at no time did a malicious party have access to Twilio\u2019s internal systems, code or data.&#8221;<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2018\/10\/11\/shutterstock_552655498.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"Phone with chatbot on screen\"><\/p>\n<h2 title=\"Cloud comms upstart touts more authentic engagement through artificial intelligence\">Twilio tweaks twicky twalkative bot toows to dewight devewopers: It&#8217;s Autopilot for chat apps<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2018\/10\/17\/twilio_autopilot\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>The JavaScript SDK is Twilio&#8217;s recommended method for linking your business events, such as incoming phone calls from customers and alerts from monitoring systems, to its <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.twilio.com\/docs\/taskrouter\/how-taskrouter-works\">TaskRouter platform<\/a>, which routes calls and jobs to your staff. For instance, if someone who prefers to speak Spanish hits the &#8220;call me, I need help&#8221; button on your website, your web app uses the TaskRouter SDK to create a task, in this case &#8220;call this customer now,&#8221; which is routed via a queue to a staffer who can speak Spanish and handle the call.<\/p>\n<p>Our source warned us: &#8220;There&#8217;s been a security incident at Twilio. Malicious JavaScript was added to the TaskRouter SDK for about 10 hours.&#8221; When we pressed Twilio for more information on the nature of the &#8220;non-malicious&#8221; code it said was injected into the SDK, Twilio told us:<\/p>\n<p>Judging by that snippet, it looks as though this was a near-miss, and whoever accessed the system was simply probing around the codebase to see what they could change in the S3 bucket potentially ahead of any major or dangerous changes. And judging from the URL involved, it appears to be an attempt to install a payment-card skimmer \u2013 RiskIQ has <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.riskiq.com\/blog\/labs\/misconfigured-s3-buckets\/\">spotted<\/a> the same URL in other S3 buckets targeted by miscreants.<\/p>\n<p>Given that TaskRouter.js serves as one of the link-ups between business applications and the TaskRouter service, this could have been a much worse attack. Twilio tells us it is planning to issue a report with more information on the incident in the coming days. In the meantime, if you recently downloaded and deployed a copy of the SDK, you might want to check you have a clean version. \u00ae<\/p>\n<p> <i>Tell us something no one else knows: <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.theregister.com\/about\/company\/contact\/\">contact us securely<\/a>.<\/i>\n<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2020\/07\/21\/twilio_sdk_code_injection\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>API dev kit remained modified for hours, says source Exclusive\u00a0 Twilio today confirmed one or more miscreants sneaked into its unsecured cloud storage systems and modified a copy of the JavaScript SDK used by its customers.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36201,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-36200","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Twilio: Someone broke into our unsecured AWS S3 silo, added &#039;non-malicious&#039; code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Twilio: Someone broke into our unsecured AWS S3 silo, added &#039;non-malicious&#039; code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-21T23:10:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Twilio: Someone broke into our unsecured AWS S3 silo, added &#8216;non-malicious&#8217; code to our JavaScript SDK\",\"datePublished\":\"2020-07-21T23:10:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/\"},\"wordCount\":526,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/\",\"name\":\"Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg\",\"datePublished\":\"2020-07-21T23:10:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Twilio: Someone broke into our unsecured AWS S3 silo, added &#8216;non-malicious&#8217; code to our JavaScript SDK\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/","og_locale":"en_US","og_type":"article","og_title":"Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-07-21T23:10:17+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Twilio: Someone broke into our unsecured AWS S3 silo, added &#8216;non-malicious&#8217; code to our JavaScript SDK","datePublished":"2020-07-21T23:10:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/"},"wordCount":526,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/","url":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/","name":"Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg","datePublished":"2020-07-21T23:10:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/twilio-someone-broke-into-our-unsecured-aws-s3-silo-added-non-malicious-code-to-our-javascript-sdk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Twilio: Someone broke into our unsecured AWS S3 silo, added &#8216;non-malicious&#8217; code to our JavaScript SDK"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36200"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36200\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36201"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}