🟠 High  |  Source: The Register — Security


A vulnerability dubbed ‘GhostApproval’ has been identified in leading AI coding agents, exploiting weaknesses in human-in-the-loop approval mechanisms — a problem rooted in decades-old Unix-era security design flaws. Attackers or malicious inputs can manipulate AI agents into executing unauthorised actions by bypassing or spoofing approval steps that users believe are protecting them. This highlights a systemic risk in agentic AI pipelines where assumed human oversight may be illusory.

Security Architect’s Take: Audit any AI coding agent deployments for how human approval gates are implemented and verified — do not assume the approval prompt a user sees corresponds to the action actually executed. Consider enforcing cryptographic or out-of-band confirmation for sensitive operations, and treat agentic AI pipelines with the same zero-trust scrutiny as any privileged automation.

Original advisory: Bug in top AI coding agents shows that Unix-era security headaches never really die