SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
Hosted on MSN

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's ...
CSOonline

Hackers can slip ghost commands into the Amazon Q Developer VS Code Extension

The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the author of the “Embrace The Red” blog, ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...
Business Insider

Amazon's AI coding assistant Q lags rivals in revenue, internal data shows

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Amazon's AI coding assistant Q Developer saw revenue fall behind rivals in its first year, prompting ...
Hosted on MSN

Amazon Q developer AI tool hacked via GitHub pull request

The recent hack of Amazon’s AI-based coding assistant, Q Developer, has brought up serious concerns about the security of generative AI tools in software development. Reports conducted by Bloomberg ...