Security · 1h ago
AI coding agents vulnerable to 'GhostApproval' bypass
A bug in leading AI coding assistants allows attackers to bypass human approval prompts, tricking agents into executing malicious code. Dubbed 'GhostApproval', the flaw exploits Unix-style trust assumptions in agent workflows. The issue highlights persistent security gaps in human-in-the-loop AI systems.
Meridian48 take
The 'GhostApproval' bug is a reminder that AI agents inherit old security flaws, not just create new ones.
Read the full reporting
Bug in top AI coding agents shows that Unix-era security headaches never really die →
The Register
ai-coding-agentsghostapproval