六款AI編程助手栽在符號連結. 本文保留已核驗事實,並以產品、基礎設施與治理脈絡重新整理。
發生了什麼
六款AI編程助手栽在符號連結 is the current news peg. The verified record centers on these points:
- Wiz disclosed GhostApproval on July 8
- the attack abuses symlinks so an apparent project file can write outside the workspace
- affected research covered Amazon Q Developer, Claude Code, Augment, Cursor, Google Antigravity and Windsurf
- Cursor CVE-2026-50549 affected versions before 3.0, and AWS required Language Servers for AWS 1.69.0
為何重要
更大的產業訊號是 human approval is weak when the UI hides the resolved path and the agent follows filesystem indirection.
接下來看什麼
接下來要看的重點是 default blocking of symlinks, resolved-path display, sensitive-file monitoring and isolated environments for unknown repos.
參考來源:Wiz research, AWS advisory, SC Media, The Register, Cursor/GitHub CVE records, CocoLoop.