GitLost Vulnerability Tricks GitHub’s AI Agent into Leaking Private Repos

A newly disclosed vulnerability dubbed “GitLost” shows how attackers can weaponize a single GitHub Issue to trick GitHub’s new AI-powered Agentic Workflows into leaking private repository contents to the public internet, with no credentials, coding skills, or system access required. GitHub Agentic Workflows pair GitHub Actions with an AI agent backed by Claude or GitHub […]

The post GitLost Vulnerability Tricks GitHub’s AI Agent into Leaking Private Repos appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: