Per usual, there no fix or even any documentation for GitLost Malicious prompters could easily trick GitHub agents into pulling data from private repositories and then leaking the information as a public comment for anyone to access, according to Noma Labs researchers who named the vulnerability GitLost. The issue exists in GitHubs Agentic Workflows , which allow an AI agent powered by Claude or GitHub Copilot to autonomously execute tasks in GitHub Actions. As the AI security sleuths...

Read the full article at The Register

Wingeek Icon
More Windows News