滥用合法驱动的艺术
利用驱动任意物理内存读取dump lsass内存
A newly disclosed vulnerability pattern dubbed “GhostApproval” has exposed a critical security flaw in six of the most widely used AI coding assistants: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf, allowing malicious repositories to bypass Human-in-the-Loop safety controls and potentially achieve remote code execution on developer machines. Discovered by Wiz […]
The post New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents appeared first on Cyber Security News.