LodeHQSubscribe →

GhostApproval symlink flaw: six AI coding assistants hijacked

DevOps · 2026-07-09

CI/CD & Automation
Measure CI/CD Emissions with Eco CI and Carmen4 MIN

GitLab says your CI/CD jobs emit hidden carbon, and now you can measure it. Eco CI adds a lightweight per‑job energy and CO₂ badge, while Carmen delivers detailed VM, pod and workload emissions for Grafana or FinOps dashboards. Turning invisible emissions into data lets engineering cut waste and meet sustainability goals.

Agentic Workflows auto‑create cross‑repo docs PRs, slashing lag to 45 hrs10 MIN

The Aspire team wired GitHub Agentic Workflows to turn merged feature PRs in microsoft/aspire into SME‑reviewed documentation pull requests in the separate docs repo. For versions 13.3‑13.4 the median turnaround fell to 44.8 hours, saving weeks of manual hand‑off. The pattern shows how secure, cross‑repo AI automation can close the release‑docs gap without extra headcount.

Observability & Reliability
AWS shows OpenTelemetry & OpenSearch can debug agentic AI in production1 MIN

AWS engineers demo a live debugging session for multi‑step AI agents, using OpenTelemetry traces routed into OpenSearch to surface logs, metrics, and traces in a unified view. The open‑source stack lets teams spot nondeterministic agent behavior early, cutting silos and reducing production risk.

OpenAI patches 18‑year‑old libunwind race condition after rare Azure crash12 MIN

OpenAI traced rare crashes in its Rockset data service to two unrelated faults: silent hardware corruption on an Azure host and an 18‑year‑old race condition in GNU libunwind. By treating the failures as an epidemic, the team built a full crash dataset, upstreamed a fix and a reproducer to libunwind.

DevSecOps
GhostApproval: Symlink Flaw Lets Six AI Coding Assistants Hijack Developer Machines11 MIN

Wiz discovered GhostApproval, a symlink‑based trust‑boundary flaw affecting Amazon Q, Anthropic Claude, Augment, Cursor, Google Antigravity and Windsurf. The bug lets malicious repos trick the agents into writing files outside the workspace, enabling remote code execution on a developer’s machine. Three vendors have patched it; the others remain vulnerable.

Run a 5‑minute SBOM sniff test to stop vulnerable containers6 MIN

A quick SBOM “sniff test” can expose stale packages, known CVEs and unexpected dependencies in hardened container images before they hit production. By cross‑checking the SBOM against vulnerability databases and VEX advisories, teams cut remediation time from days to minutes, reducing supply‑chain risk.

Visual Studio June update adds real‑time Copilot cost alerts and MCP trust validation4 MIN

GitHub Copilot now bills by token, so developers can see bills hit $800 + monthly. The June VS update refreshes the Copilot Usage window with configurable real‑time alerts and adds MCP server trust checks that compare current configurations to a trusted baseline, helping teams curb spend and guard against rogue tool changes.

Get DevOps in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ