HackerFeeds

CyberSecurity News

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

The Hacker News
· July 9, 2026

AI summary

A vulnerability has been discovered in six popular AI coding assistants, including Amazon Q Developer and Google Antigravity, that could allow malicious code projects to gain control of a developer's computer. The flaw enables a booby-trapped project to request permission to edit a harmless file, but instead, the changes are made to a sensitive file. This is made possible by a symlink flaw, referred to as GhostApproval. The affected AI coding assistants include tools from various providers, such as Anthropic and Augment. These tools are used to assist developers with coding tasks, and the vulnerability could be exploited to run malicious code. The researchers who found the flaw are from the company Wiz.

Read the full article at The Hacker Newsthehackernews.com/2026/07/ghostapproval-symlink-flaws-could-let.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.