Google Antigravity, an agent-first IDE powered by Gemini, contained a sandbox-escape vulnerability that allowed remote code execution via an unsanitized parameter and was patched by Google in late February. Researchers also found that a fake google-antigravity(.)com site distributed a trojanized installer deploying PowerShell scripts and a stealer that harvests browser data, wallets, and enables clipboard hijacking and hidden-desktop tradecraft. #GoogleAntigravity #Malwarebytes
Keypoints
- Antigravity is an agent-first development IDE powered by Gemini that delegates multi-step engineering tasks to autonomous AI agents.
- Pillar Security discovered a vulnerability that allowed sandbox escape and remote code execution via insufficient input sanitization in a parameter.
- The exploit can be triggered by indirect prompt injection through attacker-controlled comments in seemingly benign source files and can bypass Secure Mode.
- Malwarebytes found a fake google-antigravity(.)com site distributing a trojanized installer that deploys two PowerShell scripts alongside the IDE.
- The delivered stealer targets browser data, messaging apps, crypto wallets, and includes clipboard hijacking, keystroke logging, and hidden-desktop capabilities.