Particle.news

Amazon Patches AI Coding Assistant After Supply Chain Breach

Amazon removed the compromised Q extension release, updated its vetting process, and confirmed that no customer resources were affected.

Overview

  • A hacker’s pull request on July 13 granted admin privileges to the Amazon Q GitHub repository and injected a prompt to delete local files and AWS resources.
  • Version 1.84 of the Q extension was publicly released on July 17 with the malicious prompt before AWS silently replaced it with the patched version 1.85.
  • Amazon updated its open-source contribution guidelines on July 18 and removed the tainted build from the VS Code marketplace.
  • Internal and external reviews determined the injected code was unlikely to function and affirmed that no customer systems or data were impacted.
  • The breach highlights growing supply chain vulnerabilities in AI-driven developer tools and has prompted stronger security vetting measures.