latesthackingnews.comOpinion

Amazon Q’s MCP Flaw Is an Industry Warning: AI Tools Still Lack Workspace Trust Standards

CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
TechCrunch

Amazon CodeCatalyst provides blueprints for collaborative app development

During a keynote at re:Invent 2022 today, Amazon announced CodeCatalyst, a service designed to take away the heavy lifting of working across different codebases, tools and environments to build apps.
InfoWorld

Amazon Q Developer review: Code completions, code chat, and AWS skills

Amazon Q Developer works well for completing lines of code, doc strings, and if/for/while/try code blocks, but can’t generate full functions for certain use cases. When I reviewed Amazon CodeWhisperer ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...