A malicious pull request slipped through Amazon’s review process and into version 1.84.0 of the Amazon Q extension for Visual Studio Code, briefly arming the popular AI assistant with instructions to wipe users’ local files and AWS resources. The rogue code, discovered by 404 Media, embedded a system prompt telling the agent to “clean a […]
The post Hackers Injected Destructive System Commands in Amazon’s AI Coding Agent appeared first on Cyber Security News.
This article has been indexed from Cyber Security News