{"id":8797,"date":"2026-07-09T05:11:45","date_gmt":"2026-07-09T05:11:45","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/09\/ghostapproval-symlink-flaws-could-let-malicious-repos-run-code-in-ai-coding-agents\/"},"modified":"2026-07-09T05:11:45","modified_gmt":"2026-07-09T05:11:45","slug":"ghostapproval-symlink-flaws-could-let-malicious-repos-run-code-in-ai-coding-agents","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/09\/ghostapproval-symlink-flaws-could-let-malicious-repos-run-code-in-ai-coding-agents\/","title":{"rendered":"GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents"},"content":{"rendered":"<p>\u200bResearchers at\u00a0Wiz\u00a0found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer&#8217;s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.<\/p>\n<p>The affected tools are Amazon Q Developer, Anthropic&#8217;s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.\u00a0Researchers at\u00a0Wiz\u00a0found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer&#8217;s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.<\/p>\n<p>The affected tools are Amazon Q Developer, Anthropic&#8217;s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bResearchers at\u00a0Wiz\u00a0found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer&#8217;s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead. The affected tools are Amazon Q Developer, Anthropic&#8217;s Claude Code, Augment, Cursor, Google Antigravity,&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/09\/ghostapproval-symlink-flaws-could-let-malicious-repos-run-code-in-ai-coding-agents\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":8798,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8797"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=8797"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8797\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/8798"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=8797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=8797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=8797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}