The Hacker News · 7/9/2026

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Wiz researchers found symlink attacks in six AI coding assistants (Claude Code, Cursor, Amazon Q, others) allowing booby-trapped projects to write to sensitive files bypassing approval.

Read original coverage