A large-scale attack campaign targets Amazon AI to deploy malware that takes over the system.

Overview On July 13, 2025, a hacker used a GitHub account with the name “lkmanka58“ to submit a pull request to the open-source repository of Amazon Q – an AI programming extension for Visual Studio Code (VS Code). After gaining access, the attacker ...