Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds

A high-severity flaw in Amazon's AI coding assistant for Visual Studio Code meant that opening the wrong Git repository could ...
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...
InfoWorld

Amazon Q Developer review: Code completions, code chat, and AWS skills

Amazon Q Developer works well for completing lines of code, doc strings, and if/for/while/try code blocks, but can’t generate full functions for certain use cases. When I reviewed Amazon CodeWhisperer ...