A recent security incident involving Amazon’s AI coding assistant, ‘Q,’ has raised concerns about cybersecurity in AI tools. A hacker compromised the system by injecting malicious code aimed at wiping user computers, which was inadvertently released in an update. This breach underscores the escalating trend of hackers targeting AI-powered applications to extract data or infiltrate corporate security.
The hacker’s code included commands prompting the AI extension to reset systems to a near-factory state. Although the actual risk of data loss was low, the hacker claimed potential for far greater damage. They exploited a vulnerability by submitting a pull request through an anonymous account, reportedly obtaining Amazon’s admin credentials easily. Despite this incident, Amazon assured that no customer resources were affected and stated that they have fully resolved the issue. This event highlights the importance of robust security measures in protecting AI technologies from infiltration.
Source link
