Tag
#CVE-2026-12957
2 stories taggedCVE-2026-12957.

AI Security
An AI Coding Tool Built Into Millions of Developer Setups Had a Flaw That Could Hand Hackers Your Cloud Keys
A security hole in Amazon's AI coding assistant let criminals steal cloud passwords just by getting a developer to open a poisoned folder. It's patched — but the attack method is spreading.
3 min

Vulnerabilities
Amazon Patches CVE-2026-12957 in Q Developer: Malicious Repo Could Drain AWS Credentials via MCP
A workspace-trust prompt was all that stood between a developer and credential theft. Amazon has shipped a fix for the high-severity flaw in its AI coding assistant.
2 min