Identity compromise remains a major threat to cloud infrastructure, allowing attackers with valid credentials to evade traditional security controls. In AWS, such compromises often involve abuse of the Simple Email Service (SES) for illicit email operations. Recent investigations revealed a campaign where stolen AWS credentials were used to exploit SES....