GitLost Vulnerability Tricks GitHub’s AI Agent into Leaking Private Repos
A newly disclosed vulnerability dubbed “GitLost” shows how attackers can weaponize a single GitHub Issue to trick GitHub’s new AI-powered Agentic Workflows into leaking private repository contents to the public internet, with no credentials, coding skills, or system access required. GitHub Agentic...