Tech & Startups
A single config file in a cloned repository could steal your AWS credentials through Amazon Q Developer
A high-severity flaw in Amazon Q Developer allowed a malicious code repository to silently execute commands on a developer’s machine and steal their AWS credentials. Wiz Research discovered the vulnerability, tracked as CVE-2026-12957, and reported it to Amazon on April 20. Amazon patched the issue on May 12, and the disclosure went public today. The […] This story continues at The Next Web
This story was reported by The Next Web. EUROPES curates Europe's most relevant coverage — read the full report at the original source.
Read full coverage at The Next Web →