Techly NewsGet the app

Get the latest tech news

Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant


Had Q executed this, it would have erased local files and, under certain conditions, dismantled AWS cloud infrastructure.

If the coding assistant had executed this, it would have erased local files and, if triggered under certain conditions, could have dismantled a company's Amazon Web Services (AWS) cloud infrastructure. The real problem was that this potentially dangerous update had somehow passed Amazon's verification process and was included in a public release of the tool earlier in July. Moreover, as 404Media, which broke the story, reported, once the incident surfaced, Amazon quietly removed the compromised version of the Q Developer extension from the Visual Studio Code Marketplace, without a changelog note, advisory, or Common Vulnerabilities and Exposures (CVE) entry.

Get the Android app

Or read this on ZDNet

Read more on:

Photo of Amazon

Amazon

Photo of devs

devs

Photo of Assistant

Assistant

Related news:

News photo

Amazon introduces a more affordable color screen Kindle

News photo

Amazon announces a slightly cheaper Kindle Colorsoft with half the storage

News photo

Amazon just released the first full-color Kindle for the youngest readers

« A Premium Luggage Service’s Web Bugs Exposed the Travel Plans of Every User—Including Diplomats
T‑Mobile's Starlink service is now available to anyone on any carrier - how to sign up »