What Amazon Q prompt injection reveals about AI security

<p>It was an attack scenario that has played out in code repositories, particularly open source repositories, for years — a credentials leak allowed an attacker to publish a malicious command.</p>
<p>An anonymous person submitted the command to the GitHub repository belonging to the Visual Studio Code (VS Code) extension for the <a target="_blank" href="https://www.techtarget.com/searchenterpriseai/news/366583032/Amazon-Q-GenAI-assistant-out-for-developers-AWS-users" rel="noopener">Amazon Q</a> coding agent. The command was published in version 1.84 of the extension on July 17 and remained available until July 19. According to an Amazon postmortem <a target="_blank" href="https://aws.amazon.com/security/security-bulletins/AWS-2025-015/" rel="noopener">published</a> on July 23 and updated July 25, the command author gained access to the release process for the repository using an “inappropriately scoped GitHub token in [the repo’s] CodeBuild configuration.”</p>
<p>The command instructed the agent to “clean a system to a near-factory state and delete file-system and cloud resources,” according to a July 23 <a target="_blank" href="https://www.404media.co/hacker-plants-computer-wiping-commands-in-amazons-ai-coding-agent/" rel="noopener">report</a> that was confirmed by an Amazon spokesperson.</p>
<p>An Amazon spokesperson said last week that staff detected the malicious command through code inspection, but didn’t say how it had escaped notice for multiple days. The command would not have executed successfully due to a syntax error, according to the postmortem. A person claiming to be the author of the command said in an interview that the command had intentionally been disabled but was published to demonstrate Amazon’s lax security.</p>
<p>In other words, it was in most ways a fairly typical open source <a href="https://www.techtarget.com/searchitoperations/news/252516521/Software-supply-chain-security-risks-surround-Kubernetes">software supply chain attack</a>, according to security experts.</p>
<p>“Open source projects traditionally welcome assistance from the gene

[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from Search Security Resources and Information from TechTarget
