Serious Security Flaw in Amazon’s AI Coding Tool Puts Nearly a Million Users at Risk

In a recent cybersecurity incident, Amazon’s AI-powered coding assistant was compromised, potentially exposing close to one million users to significant security threats. The attacker gained the ability to insert malicious code into the open-source repository hosted on GitHub, which is used to develop and improve the assistant.

This malicious code included instructions that, if executed, could have led to catastrophic consequences—such as deleting user files and wiping out cloud infrastructure linked to Amazon Web Services (AWS) accounts. This vulnerability highlights the risks associated with integrating AI tools into development workflows, especially when they rely on publicly accessible repositories.

Organizations utilizing such AI assistants should be aware of the importance of diligent code review and security measures to prevent malicious injections that could compromise sensitive data or disrupt cloud-based operations.

For more detailed information, you can read the original report at TechSpot: Read more.