A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue.
The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure.
“Attackers can craft hidden instructions inside aRead More
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN [email protected] (The Hacker News)
by
Tags: