ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
Wiz discovered GhostApproval, a symlink vulnerability in six AI coding assistants: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf. The flaw lets a malicious repository trick an agent into writing an attacker's SSH key to the victim's authorized_keys file, enabling remote code execution. Amazon, Cursor, and Google patched; Augment and Windsurf have not; Anthropic disputes the classification.
Tracked by ByteBrief