A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers.

Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.

Wiz says GhostApproval abuses symlinks so AI coding agents write to SSH keys or shell startup files while showing benign paths.

A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and…

A new attack technique called GhostCommit just made AI-assisted code review look like a liability....