FILTERING BY: CLEAR FILTER

Agentjacking: CVE-2026-12957 Exploits Amazon Q via Malicious MCP Configurations

Wiz Research has identified a high-severity vulnerability (CVE-2026-12957, CVSS 8.5) in Amazon Q Developer that allows for remote code execution (RCE) via "Agentjacking." By leveraging the Model Context Protocol (MCP), attackers utilize a "Fake Bug Report" social engineering vector to lure developers into opening booby-trapped repositories. These repositories contain a malicious .amazonq/mcp.json configuration file, which the AI agent automatically parses and executes with the developer's full environment privileges. This creates a direct pipeline from a local IDE session to enterprise cloud infrastructure compromise, enabling the exfiltration of live AWS credentials, API keys, and SSH agent access, effectively bypassing traditional perimeter-based security controls.


LINK COPIED TO CLIPBOARD