Techzine Europe

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to so-called "Comment and Control" attacks. These are Claude Code ...

Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users

Exclusive: Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive ...
The Next Web

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Researchers hijacked Claude, Gemini, and Copilot AI agents via prompt injection to steal API keys and tokens. All three ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...