Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse

Incident 1158: Alleged Malicious Wiping Command Found in Amazon Q AI Assistant

Responded
Description: A reported compromise of Amazon's AI coding assistant "Q" allegedly involved the insertion of commands that, if executed, could have wiped local files and potentially affected cloud resources. The altered code was reportedly incorporated into a public release before being detected and removed.
Editor Notes: For more information, see the Amazon security bulletin incident statement at https://aws.amazon.com/security/security-bulletins/AWS-2025-015/ and the SourceForge archive of the compromised release (v1.84.0) at https://sourceforge.net/projects/aws-toolkit-for-vs-code.mirror/files/amazonq_v1.84.0/.

Tools

New ReportNew ReportNew ResponseNew ResponseDiscoverDiscoverView HistoryView History

Entities

View all entities
Alleged: Amazon , Amazon Web Services , AWS , Amazon Q AI coding assistant (AWS Toolkit for Visual Studio Code) , Amazon Q Developer Extension v1.84.0 and GitHub repository for Amazon Q / AWS Toolkit developed and deployed an AI system, which harmed aws tOOLKIT USERS , Amazon Q users and Amazon Web Services (AWS) customers.
Alleged implicated AI systems: Amazon Q AI coding assistant (AWS Toolkit for Visual Studio Code) , Amazon Q Developer Extension v1.84.0 and GitHub repository for Amazon Q / AWS Toolkit

Incident Stats

Incident ID
1158
Report Count
3
Incident Date
2025-07-17
Editors
Daniel Atherton

Incident Reports

Reports Timeline

Incident Occurrence+1
Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant - and devs are worried
Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84) - Response
Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant - and devs are worried

Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant - and devs are worried

zdnet.com

Amazon AI Breach: A Harsh Wake-Up Call for AI Regulation

Amazon AI Breach: A Harsh Wake-Up Call for AI Regulation

citizen.org

Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84)

Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84)

aws.amazon.com

Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant - and devs are worried
zdnet.com · 2025

A while back, my ZDNET colleague David Gewirtz worried that someday AI coding agents could destroy open-source software. That day has come. A hacker managed to plant destructive wiping commands into Amazon's "Q" AI coding agent. 

This has s…

Amazon AI Breach: A Harsh Wake-Up Call for AI Regulation
citizen.org · 2025

WASHINGTON, D.C. --- Amazon's generative AI coding assistant, Amazon Q, was compromised by a hacker who injected malicious code into the tool's GitHub repository. The code instructed the AI to wipe users' systems and cloud resources. Amazon…

Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84)
aws.amazon.com · 2025
Amazon Web Services, AWS post-incident response

Scope: AWS
Content Type: Important (requires attention)
Publication Date: 2025/07/23 6:00 PM PDT
Updated Date: 2025/07/25 6:00 PM PDT

Description:

Amazon Q Developer for Visual Studio Code (VS Code) Extension is a development tool that inte…

Variants

A "variant" is an AI incident similar to a known case—it has the same causes, harms, and AI system. Instead of listing it separately, we group it under the first reported incident. Unlike other incidents, variants do not need to have been reported outside the AIID. Learn more from the research paper.
Seen something similar?

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Game AI System Produces Imbalanced Game

Game AI System Produces Imbalanced Game

Jun 2016 · 11 reports
Wikipedia Vandalism Prevention Bot Loop

Wikipedia Vandalism Prevention Bot Loop

Feb 2017 · 6 reports
TayBot

TayBot

Mar 2016 · 28 reports
Previous IncidentNext Incident

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Game AI System Produces Imbalanced Game

Game AI System Produces Imbalanced Game

Jun 2016 · 11 reports
Wikipedia Vandalism Prevention Bot Loop

Wikipedia Vandalism Prevention Bot Loop

Feb 2017 · 6 reports
TayBot

TayBot

Mar 2016 · 28 reports

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2024 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • a9df9cf