THREAT OPS › Threat News › Researchers Find New GhostApproval Bug in Many AI Coding Assistants
Researchers Find New GhostApproval Bug in Many AI Coding Assistants
<p class="wp-block-paragraph">Security researchers have identified a new set of vulnerabilities that are present in many of the top AI coding assistants and allows malicious repositories to bypass workspace sandboxes and potentially achieve remote code execution on a user’s machine. </p>
<p class="wp-block-paragraph">The bug is a modern twist on a Clinton-era piece of known Unix badness: f
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2026-12958cve
- https://www.wiz.io/blog/ghostapproval-a-trust-boundary-gap-in-ai-coding-assistantsurl