Amazon Q AI Coding Assistant Vulnerability Exposes Cloud Credentials

The event involves an AI system (Amazon Q) that automatically executes commands from project configuration files, which is a use of AI to assist coding. The vulnerability allowed attackers to execute arbitrary code and access sensitive credentials, directly causing harm to property and security. The harm is realized, not just potential, as demonstrated by the proof-of-concept attack. Therefore, this qualifies as an AI Incident because the AI system's malfunction directly led to significant harm.

The event involves an AI system (Amazon Q Developer) whose malfunction (automatic execution of malicious config files) directly enables credential theft, a form of harm to property and security. The vulnerability's exploitation would lead to unauthorized access to cloud resources, constituting a clear AI Incident as the AI system's use and malfunction have directly led to or could lead to harm. Despite no public exploitation so far, the article focuses on the realized vulnerability and its potential for harm, fitting the AI Incident classification rather than a mere hazard or complementary information.

The event involves an AI system (Amazon Q, an AI-powered coding assistant) whose malfunction (automatic execution of malicious MCP configurations) directly led to security breaches including arbitrary code execution and credential theft. These harms fall under violations of security and intellectual property rights, qualifying as an AI Incident. The description details realized harm, not just potential risk, and includes concrete attack scenarios and exploitation methods. Therefore, this is classified as an AI Incident rather than a hazard or complementary information.