A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

And it's 'not unique to AWS,' researcher tells The Reg A critical misconfiguration in AWS's CodeBuild service allowed ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.
ZDNet

Amazon's CodeGuru is out: AI tool checks code and suggests changes to save you money

Amazon Web Services (AWS) has announced general availability of its machine-learning tool CodeGuru, which helps developers streamline applications and improve the quality of their code. The service ...
IT News For Australia Business

Code syntax error prevented hacked AWS AI dev extension from running

AWS has published further details of an incident involving one of its artificial intelligence development tools, which saw an unknown threat actor inject a malicious prompt into a source code ...
Cybernews

AWS dodges massive cyber disaster: every account was in danger

Wiz Research discovered and responsibly disclosed a critical vulnerability in AWS CodeBuild that could have led to a massive platform-wide compromise.
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...