Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Amazon Science

Amazon Science Vendor Cyber Rating & Cyber Score

amazon.science

Amazon Science gives you insight into the company’s approach to customer-obsessed scientific innovation. Amazon fundamentally believes that scientific innovation is essential to being the most customer-centric company in the world. It’s the company’s ability to have an impact at scale that allows us to attract some of the brightest minds in artificial intelligence and related fields. Our scientists continue to publish, teach, and engage with the academic community, in addition to utilizing our working backwards method to enrich the way we live and work. Follow us on LinkedIn and visit our website to get a deep dive on innovation at Amazon, and explore the many ways you can engage with our scientific community. #AmazonScience


Amazon Science A.I CyberSecurity Scoring

Amazon Science
Company Information
Website:https://www.amazon.science
Employees number:4
Number of followers:386,739
NAICS:5417
Industry Type:Research Services
Homepage:amazon.science
Amazon Science Risk Score (AI oriented)
Between 650 and 699
logo
Amazon ScienceResearch Services
Updated:
09/07/2026
680/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Amazon Science Global Score (TPRM)
xxxx
logo
Amazon ScienceResearch Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Amazon Science
Amazon ScienceWeak
Current Score
680B (WEAK)
01000
3 incidents
-24.33 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
685Before Incident
Vulnerability
08 Jul 2026Amazon Science
Cursor, Anthropic, Amazon Web Services, Augment, Windsurf and Google: New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents

GhostApproval Vulnerability Exposes Critical Flaw in Major AI Coding Assistants

680After Incident
CRITICAL-5
ANYWINGOOAMAAUGANT1783578409
GhostApproval Vulnerability Exposes Critical Flaw in Major AI Coding Assistants A newly identified vulnerability, dubbed GhostApproval, has revealed a systemic security flaw in six widely used AI coding assistants Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf allowing attackers to bypass human-in-the-loop (HITL) safety controls and potentially achieve remote code execution on developers' machines. Discovered by Wiz researchers, the exploit leverages symbolic link following (CWE-61), a technique historically used in Docker escapes and privilege escalation attacks but now repurposed to target AI coding tools. The attack is deceptively simple: an attacker crafts a malicious repository containing a symlink (e.g., project_settings.json~/.ssh/authorized_keys). When a developer clones the repo and instructs their AI assistant to "set up the workspace," the agent follows the symlink, writing the attacker’s SSH public key directly to the victim’s authorized_keys file, granting persistent, password-less access. What makes GhostApproval particularly insidious is its UI misrepresentation layer (CWE-451). In testing, Anthropic’s Claude Code demonstrated this flaw: while the agent’s internal reasoning correctly identified the symlink’s true target (e.g., a zsh configuration file), the user-facing prompt merely asked, "Make this edit to project_settings.json?" This discrepancy turns HITL safeguards into a false sense of security, as users unknowingly approve malicious actions. ### Vendor Responses & Patches Three vendors issued fixes: - Amazon Web Services (AWS) patched the issue in language server v1.69.0 (May 27, 2026, CVE-2026-12958). - Cursor released a fix in v3.0 (June 5, 2026, CVE-2026-50549). - Google (Antigravity) deployed a fix on May 22, 2026, though it has not yet assigned a CVE. Augment and Windsurf acknowledged the reports but had not fully addressed the issue at the time of disclosure. Windsurf’s pre-authorization variant was especially dangerous, as the agent wrote files to disk before displaying the confirmation dialog, effectively making the prompt an "undo" rather than a security gate. Anthropic initially rejected the report, arguing that user-trusted directories and approved prompts shifted responsibility to the end user. However, after further review, versions 2.1.173+ now resolve symlinks and warn users before writing to sensitive files a change that had been implemented in v2.1.32 (February 5, 2026) as part of internal security hardening. ### Mitigation Recommendations Wiz researchers outlined three key defenses for AI coding tool vendors: 1. Resolve symlinks before displaying prompts always show the canonical target path. 2. Warn explicitly when resolved paths exit the workspace writes to ~/.ssh/authorized_keys should be visibly distinct from those to ./config.json. 3. Never write to disk before explicit user authorization confirmation dialogs must act as security gates, not undo mechanisms. The vulnerability was first discovered on February 10, 2026, with vendor reports submitted between February 12 and March 5, 2026. Public disclosure occurred on July 8, 2026, following a 90+ day coordinated disclosure window. GhostApproval highlights a category-level design gap in AI coding assistants, where HITL controls intended as a last line of defense can be systematically bypassed. As AI agents gain greater autonomy over developer filesystems, the integrity of these controls must be treated as a first-class security requirement.
INCIDENT DETAILS -
TYPE
Vulnerability Exploitation
IMPACT
Data Compromised: SSH credentials, sensitive filesystem accessSystems Affected: Developers' machines, AI coding assistants (Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, Windsurf)Operational Impact: Potential remote code execution, unauthorized system accessBrand Reputation Impact: Moderate to high (public disclosure of systemic flaw)Identity Theft Risk: High (SSH key compromise)
DATA BREACH
Type Of Data Compromised: SSH credentials, filesystem accessSensitivity Of Data: High (SSH keys, system access)SSH authorized_keysConfiguration files
JUNE 2026
684Before Incident
MAY 2026
688Before Incident
Vulnerability
27 May 2026Amazon Science
OpenAI, Anthropic, xAI and Amazon: All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers

Multi-Turn Attacks Bypassing LLM Safety Guardrails

683After Incident
CRITICAL-5
OPEANTAMAXAI1779892138
Cisco Researchers Warn of Multi-Turn Attacks Bypassing LLM Safety Guardrails Researchers at Cisco have uncovered a critical vulnerability in leading large language models (LLMs), demonstrating that their safety guardrails can be bypassed through multi-turn conversations. The study tested widely used models including OpenAI’s ChatGPT, Anthropic’s Claude, Google Gemini, Amazon Nova, and xAI’s Grok revealing that none were fully resistant to exploitation. The attack method relies on prolonged, iterative dialogue, where adversaries refine prompts, adopt personas, or gradually escalate requests to circumvent built-in protections. Unlike single-prompt testing, which many organizations rely on for safety evaluations, real-world attackers persist across multiple exchanges, exposing gaps in current security benchmarks. Key findings include: - No model was immune to multi-turn manipulation, challenging existing AI safety assessments. - Techniques like roleplay, ambiguity, and reframing requests proved effective in bypassing guardrails. - Configuration matters: For example, Grok became significantly more vulnerable when "reasoning mode" was enabled. The report highlights a disconnect between current safety evaluations and real-world threats, warning that enterprises deploying LLMs may underestimate risks. As regulators push for improved testing standards, Cisco’s research underscores the need for more robust defenses against evolving attack vectors.
INCIDENT DETAILS -
TYPE
Vulnerability Exploitation
IMPACT
Systems Affected: LLMs (OpenAI’s ChatGPT, Anthropic’s Claude, Google Gemini, Amazon Nova, xAI’s Grok)Operational Impact: Potential underestimation of risks by enterprises deploying LLMsBrand Reputation Impact: Potential reputational damage to LLM providers
MAY 2026
750Before Incident
Breach
04 May 2026Amazon Science
Amazon Web Services and Braintrust: AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys

Braintrust Urges API Key Rotation After AWS Cloud Breach Exposes Customer Secrets

687After Incident
LOW-63
AMAUSE1778092688
Braintrust Urges API Key Rotation After AWS Cloud Breach Exposes Customer Secrets AI evaluation startup Braintrust has instructed customers to revoke and replace their API keys following unauthorized access to an Amazon Web Services (AWS) cloud account containing sensitive credentials. The breach, disclosed in an email sent to customers on Monday and later posted on the company’s website, involved an AWS account storing API keys used to access cloud-based AI models. Braintrust confirmed the incident was contained, locking down the compromised account, auditing related systems, and rotating internal secrets. While the company stated it had only identified one impacted customer and found no evidence of broader exposure, it advised all users to rotate their stored API keys as a precaution. The cause of the breach remains under investigation. In a statement to TechCrunch, Braintrust spokesperson Martin Bergman emphasized the move was taken "out of an abundance of caution," noting no evidence of a confirmed breach at the time of disclosure. The startup, which provides a platform for monitoring AI models and raised $80 million in a February funding round valuing it at $800 million, positions itself as an "operating system for engineers building AI software." Cybersecurity experts warn the incident could have downstream effects for affected customers, particularly AI companies reliant on Braintrust’s infrastructure. Similar breaches, such as the 2023 attack on CircleCI, have demonstrated how compromised cloud accounts can expose API keys, allowing attackers to impersonate legitimate users and access systems without direct infiltration. Recent high-profile incidents, including a 2024 breach of an AWS account tied to the European Commission that exposed 92GB of data, underscore the growing threat of cloud-based credential theft.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: API keys used to access cloud-based AI modelsSystems Affected: AWS cloud accountOperational Impact: Customers advised to rotate API keys
DATA BREACH
Type Of Data Compromised: API keys, sensitive credentialsSensitivity Of Data: High (API keys for cloud-based AI models)
APRIL 2026
750Before Incident
MARCH 2026
750Before Incident
FEBRUARY 2026
750Before Incident
JANUARY 2026
750Before Incident
DECEMBER 2025
749Before Incident
NOVEMBER 2025
749Before Incident
OCTOBER 2025
749Before Incident
SEPTEMBER 2025
749Before Incident
AUGUST 2025
749Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Amazon Science ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Amazon Science's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Amazon Science's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Amazon Science ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Amazon Science's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?