I agree this was a security concern and it was reported and addressed appropriately. With that said as things go this is pretty minor; perhaps a medium severity issue. Information disclosures like this may be leveraged by attackers with existing access to the lower environment, in conjunction with other issues, to escalate their privileges. By itself, or without the existing access, it is not usable.
More over, the issue wasn’t that AWS recommended or automatically setup the environment insecurely. Their documentation simply left the commonly known best practice of disallowing trusts from lower to prod environments implicit, rather than explicitly recommending users follow that best practice in using the solution.
I don’t think over-hyping smaller issues, handled appropriately, helps anyone.
The term was used by OpenBSD starting in 1999 for a group of devs getting together for a few days or a week and hacking on specific projects together in person. Not sure about earlier than that but that’s what I still associate the term back to.
The link goes to the press release. The actual advisory (https://www.cisa.gov/news-events/cybersecurity-advisories/aa...), linked from the press release, contains quite a bit more detail. They detail how they have observed Cisco routers being backdoored but don't limit the issue to that manufacturer.