Hosted on MSN

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's ...
CSOonline

Hackers can slip ghost commands into the Amazon Q Developer VS Code Extension

The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the author of the “Embrace The Red” blog, ...
Hosted on MSN

Hacker adds potentially catastrophic prompt to Amazon's AI coding service to prove a point

A recent breach involving Amazon’s AI coding assistant, Q, has raised fresh concerns about the security of large language model based tools. A hacker successfully added a potentially destructive ...
SiliconANGLE

Amazon Q introduces AI-powered inline chat directly in the code editor for developers

Amazon Q Developer, Amazon Web Services Inc.’s artificial intelligence software development assistant, today announced support for inline chat that combines the ability to invoke assistants within ...
TechRepublic

Hacker Exposes Amazon Q Security Flaws Using Covert Code

Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. Image: AWS A hacker recently injected code into Amazon Q in order to warn users of the platform’s potential ...
InfoQ

Amazon Brings AI Assistant to Software Development as Part of Amazon Q Suite

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...