Amazon Q – Experimental News Clipping Site

Embrace The Red: Wrap Up: The Month of AI Bugs

Aug 31, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/wrapping-up-month-of-ai-bugs/ Source: Embrace The Red Title: Wrap Up: The Month of AI Bugs Feedly Summary: That’s it. The Month of AI Bugs is done. There won’t be a post tomorrow, because I will be at PAX West. Overview of Posts ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | Video ChatGPT…

Embrace The Red: AgentHopper: An AI Virus Research Project

Aug 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/agenthopper-a-poc-ai-virus/ Source: Embrace The Red Title: AgentHopper: An AI Virus Research Project Feedly Summary: As part of the Month of AI Bugs, serious vulnerabilities that allow remote code execution via indirect prompt injection were discovered. There was a period of a few weeks where multiple arbitrary code execution vulnerabilities existed in popular agents,…

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…

Embrace The Red: Amazon Q Developer: Remote Code Execution with Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-remote-code-execution/ Source: Embrace The Red Title: Amazon Q Developer: Remote Code Execution with Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a popular coding agent, with over 1 million downloads. The extension is vulnerable to indirect prompt injection, and in this post we discuss a vulnerability that…

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

Simon Willison’s Weblog: My Lethal Trifecta talk at the Bay Area AI Security Meetup

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/9/bay-area-ai/#atom-everything Source: Simon Willison’s Weblog Title: My Lethal Trifecta talk at the Bay Area AI Security Meetup Feedly Summary: I gave a talk on Wednesday at the Bay Area AI Security Meetup about prompt injection, the lethal trifecta and the challenges of securing systems that use MCP. It wasn’t recorded but I’ve created…

AWS News Blog: AWS Weekly Roundup: Amazon DocumentDB, AWS Lambda, Amazon EC2, and more (August 4, 2025)

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/aws/aws-weekly-roundup-amazon-documentdb-aws-lambda-amazon-ec2-and-more-august-4-2025/ Source: AWS News Blog Title: AWS Weekly Roundup: Amazon DocumentDB, AWS Lambda, Amazon EC2, and more (August 4, 2025) Feedly Summary: This week brings an array of innovations spanning from generative AI capabilities to enhancements of foundational services. Whether you’re building AI-powered applications, managing databases, or optimizing your cloud infrastructure, these updates…

The Register: Compromised Amazon Q extension told AI to delete everything – and it shipped

Jul 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/24/amazon_q_ai_prompt/ Source: The Register Title: Compromised Amazon Q extension told AI to delete everything – and it shipped Feedly Summary: Malicious actor reportedly sought to expose AWS ‘security theater’ The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user’s home directory and…

AWS News Blog: Streamline the path from data to insights with new Amazon SageMaker Catalog capabilities

Jul 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/aws/streamline-the-path-from-data-to-insights-with-new-amazon-sagemaker-capabilities/ Source: AWS News Blog Title: Streamline the path from data to insights with new Amazon SageMaker Catalog capabilities Feedly Summary: Amazon SageMaker has introduced three new capabilities—Amazon QuickSight integration for dashboard creation, governance, and sharing, Amazon S3 Unstructured Data Integration for cataloging documents and media files, and automatic data onboarding from Lakehouse—that…

Tag: Amazon Q