THREAT OPS › Threat News › MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension
MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension
By automatically loading MCP servers from workspace files, Amazon Q enabled attackers to execute code and access sensitive cloud environments.
Original source: https://www.wiz.io/blog/amazon-q-vulnerability