GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer’s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.

The affected tools are Amazon Q Developer, Anthropic’s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Next Post

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Related Posts
Total
0
Share