Compromised Amazon Q extension told AI to delete everything – and it shipped

Malicious actor reportedly sought to expose AWS ‘security theater’

The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user’s home directory and delete all their AWS resources.…