Supply Chain · High
Amazon Q Developer extension shipped with a data-wiping prompt
July 2025 · Amazon Q Developer (VS Code)
What happened
An outside contributor was granted excessive permissions and merged a prompt-injection payload instructing the AI assistant to delete local files and AWS resources. The payload shipped in the official v1.84.0 release.
Root cause
A repository access-control and PR-review failure let an untrusted contributor merge a malicious wiper prompt into a signed, distributed extension.
Fix / outcome
AWS revoked credentials, removed the code, and released v1.85.0. The payload never executed: a syntax error prevented it from running.
Sources