Information security
fromTheregister
3 days agoAWS patches Q Developer after prompt injection, RCE demo
Amazon fixed prompt-injection and RCE-capable vulnerabilities in the Amazon Q Developer VS Code extension by updating the language server and adding human-in-the-loop approval.