GhostApproval Flaw Featuring Decades-Old Feature Found in Six AI Coding Tools

A security flaw, 'GhostApproval', was discovered in six AI coding tools, allowing attackers to trick AI agents into giving them control of a developer's system using a decades-old Unix feature. This vulnerability relies on symbolic links (symlinks) in the file system. Developers should be aware of this issue and take necessary precautions. The exact tools affected have not been specified. This flaw highlights the importance of security in AI-powered development tools.

Source →
FeedLens — Signal over noise Last 7 days