Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Blockchain ekosistemine dair önemli bir haber gündeme geldi. Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report Price data by News Artificial Intelligence Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite safeguards. By Jason Nelson Edited by Andrew Hayward Apr 21, 2026 Apr 21, 2026 3 min read Image: Shutterstock/ Create an account to save your articles. Add on Google Add as your preferred source to see more of our stories on Google.

In brief Researchers found a prompt injection vulnerability in Google’s Antigravity AI coding platform. The flaw could allow attackers to execute commands even with the platform’s Secure Mode enabled. Google fixed the issue Feb.

Piyasa Dinamikleri

28 after researchers disclosed it in January, Pillar Security said. Google has patched a vulnerability in its Antigravity AI coding platform that researchers say could allow attackers to run commands on a developer’s machine through a prompt injection attack. According to a report by Cybersecurity firm Pillar Security, the flaw involved Antigravity’s find_by_name file search tool, which passed user input directly to an underlying command-line utility without validation.

That allowed malicious input to convert a file search into a command execution task, enabling remote code execution. “Combined with Antigravity's ability to create files as a permitted action, this enables a full attack chain: stage a malicious script, then trigger it through a seemingly legitimate search, all without additional user interaction once the prompt injection lands,” Pillar Security researchers wrote. Launched last November, Antigravity is Google’s AI-powered development environment designed to help programmers write, test, and manage code with the assistance of autonomous software agents.

Pillar Security disclosed the issue to Google on January 7, and Google acknowledged the report the same day, marking the issue as fixed on February 28. Google did not immediately respond to a request for comment by . Prompt injection attacks occur when hidden instructions embedded in content cause an AI system to perform unintended actions.

Because AI tools often process external files or text as part of normal workflows, the system may interpret those instructions as legitimate commands, allowing an attacker to trigger actions on a user’s machine without direct access or additional interaction. The threat of prompt injection attacks for large language models came into renewed focus last summer when ChatGPT developer OpenAI warned that its new ChatGPT agent could be compromised. “When you sign ChatGPT agent into websites or enable connectors, it will be able to access sensitive data from those sources, such as emails, files, or account information,” OpenAI wrote in a blog post.

Blockchain ekosistemindeki bu gelişme, dijital varlık piyasalarını şekillendirmeye devam ediyor. Uzmanlar, konunun yakın vadeli etkilerini mercek altına alıyor.