Alleged Malicious Wiping Command Found in Amazon Q AI Assistant

July 17, 2025

A concerning incident has been reported involving Amazon's coding assistant, Q. Allegations suggest that a compromise occurred, inserting commands capable of wiping local files and potentially impacting cloud resources. The tainted code was unknowingly integrated into a public release before detection and removal.

Learn more about the role of Project Cerebellum in promoting safe and secure AI practices through its AI incident database. Join us today to help govern, map, measure, or manage such incidents as part of HISPI Project Cerebellum TAIM: JOIN US

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

MANAGE 4.3 — similarity 0.662, rank 1. TAIM detail and related incidents →
MEASURE 2.10 — similarity 0.662, rank 2. TAIM detail and related incidents →
MAP 1.6 — similarity 0.655, rank 3. TAIM detail and related incidents →

Alleged deployer: amazon, amazon-web-services, aws
Alleged developer: amazon, amazon-web-services, aws
Alleged harmed parties: aws-toolkit-users, amazon-q-users, amazon-web-services-(aws)-customers

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1158

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.