CSOonline

Hackers can slip ghost commands into the Amazon Q Developer VS Code Extension

The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the author of the “Embrace The Red” blog, ...
Hosted on MSN

Amazon's AI coding agent was hacked - update now to avoid possible risks, users warned

Experts claim Amazon Q Developer Extension for VSC v1.84.0 had some dodgy code This has now been removed, with version 1.85.0 offering a clean fix Around 5.6% of VSC extensions have been compromised A ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...
CSOonline

Hacker inserts destructive code in Amazon Q tool as update goes live

A hacker managed to insert destructive system commands into Amazon’s Visual Studio Code extension used for accessing its AI-powered coding assistant, Q, which was later distributed to users through an ...
TechRepublic

Hacker Exposes Amazon Q Security Flaws Using Covert Code

Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. Image: AWS A threat actor managed to insert a data-wiping prompt into Amazon’s AI coding assistant Q in July, ...