Hosted on MSN

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's ...
CSOonline

Hackers can slip ghost commands into the Amazon Q Developer VS Code Extension

The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the author of the “Embrace The Red” blog, ...
Hosted on MSN

Hacker adds potentially catastrophic prompt to Amazon's AI coding service to prove a point

A recent breach involving Amazon’s AI coding assistant, Q, has raised fresh concerns about the security of large language model based tools. A hacker successfully added a potentially destructive ...
SiliconANGLE

Amazon Q introduces AI-powered inline chat directly in the code editor for developers

Amazon Q Developer, Amazon Web Services Inc.’s artificial intelligence software development assistant, today announced support for inline chat that combines the ability to invoke assistants within ...
InfoWorld

Amazon rolls out a genAI-powered inline chat function for Amazon Q Developer

Saving even a few keystrokes is worth quite a bit to enterprise developers, and to assist with that, Amazon Tuesday rolled out an updated version of its genAI-powered in-IDE chat capabilities that ...