Another thing to note, the AI angle on this is nonsensical. The commit could have just as easily done many other negative things to the system without AI as a layer of indirection.
Neither the 404 Media article nor this one claim otherwise. I think the key "AI angle" here is this (from the 404 Media article):
> Hackers are increasingly targeting AI tools as a way to break into peoples’ systems.
There are a lot of AI tools which run with full permission to execute shell commands or similar. If the same kind of compromise happened to aws-cli, it could be equally catastrophic, but it's not clear that the attack vector the hacker used would have been viable on a repo with more scrutiny.
I think the AI angle for this is that it is a force multiplier. You don't have to write specific commands, you just have to prompt generic things and it will helpfully fill in all the details. This also allows you to avoid having certain keywords in the PR (ie. `rm -rf`) and possibly evade detection.
dylnuge|7 months ago
> Hackers are increasingly targeting AI tools as a way to break into peoples’ systems.
There are a lot of AI tools which run with full permission to execute shell commands or similar. If the same kind of compromise happened to aws-cli, it could be equally catastrophic, but it's not clear that the attack vector the hacker used would have been viable on a repo with more scrutiny.
Corrado|7 months ago