Blast Radius · cloud-audit visualizer
See how attackers turn 3 misconfigs into a $190M breach.
Interactive 3D visualization of real AWS attack paths. No Neo4j, no SaaS, no signup. Pick an incident below to watch it unfold in your browser.
2019 · incident
Capital One
SSRF → IMDSv1 → 100M records
100M
records exfiltrated
$190M
total damage
Watch attack unfold →
2025 · incident
Cryptomining
Leaked AKID → 14 ASGs in 10 minutes
10 min
time to compromise
14 ASGs
999 instances each
Watch attack unfold →
2026 · incident
AgentCore
Bedrock sandbox bypass via DNS
CVSS
7.5 severity
Won't fix
AWS: intended
Watch attack unfold →
2024 · incident
Snowflake
Infostealer logs replayed against no-MFA tenants
165
orgs impacted
$28M+
AT&T settlement
Watch attack unfold →
2026 · incident
nx Supply Chain
Trojanized npm → LLM-stealer → GitHub OIDC → admin
<72 h
to admin role
1,000+
tokens leaked
Watch attack unfold →
2025 · incident
Codefinger
AWS-native SSE-C ransomware - HMAC-only audit trail
7 days
until lifecycle delete
Unrecoverable
no key, no decrypt
Watch attack unfold →
2026 · incident
Trivy / TeamPCP
76 of 77 GitHub Action tags force-pushed to stealer
76/77
tags force-pushed
~700 GB
per victim
Watch attack unfold →
Or visualize yours
Drop a cloud-audit JSON
Built by HAIT · powered by cloud-audit