Who is giving a robot their credit card to spin up AWS accounts?
They didn't. Sounds like they gave the robot an AWS key from an account that was already linked to a credit card.
The robot decided to spin up an expensive setup prior to getting access, so the setup was sitting there costing money whilst it did nothing.
If it had designed the setup but not spun it up until it had authorisation to join the network then it would have been much less costly an exercise.
loading story #48502727
Meta allowed an LLM to change users email address for a password reset.
Funny times are ahead...
No, you don't understand! Meta told us the LLM itself "worked properly and functioned as intended" and it was only due to a bug in a "separate code path" that made this attack possible. Don't go around blaming innocent LLMs!
(/s)
That's not needed if you happen to have a live sts session with the appropriate permissions to create a new account in an aws organization.