Hook A public GitHub issue, a hidden instruction, and one word changed in a prompt was...

'GitLost' vulnerability let GitHub's AI workflows leak private repositories - SiliconANGLE

The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data from its private repos, too.

Per usual, there's no fix - or even any documentation - for GitLost

Findings raise fresh concerns over the security of AI agents with privileged access to enterprise code.

Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.

Hook A public GitHub issue, a hidden instruction, and one word changed in a prompt was...