Noma Security's GitLost research shows that a public GitHub issue can trick GitHub Agentic Workflows into exfiltrating private repository contents. The attack requires no credentials — just a crafted issue on any public repo the agent can see.
The latest AI security developments, threats, and industry updates.
Noma Security's GitLost research shows that a public GitHub issue can trick GitHub Agentic Workflows into exfiltrating private repository contents. The attack requires no credentials — just a crafted issue on any public repo the agent can see.
Sysdig's Threat Research Team published research in July 2026 documenting JADEPUFFER, the first ransomware operation fully executed by an LLM agent — no human operator required at any step after initial access.
Sophos X-Ops telemetry analysis shows Claude Code, Cursor, and OpenAI Codex triggering behavioral EDR detection rules built to catch human attackers. Credential access patterns account for 56.2% of blocked activity -- agents using the same Windows DPAPI technique as Redline stealer.
Researchers at Tel Aviv University have chained two well-known AI weaknesses, hallucination and prompt injection, into a technique that can trick AI coding assistants into installing botnet malware on a user's machine.
Three high-severity vulnerabilities in the OpenClaw AI assistant allow a remotely-sent WhatsApp message to trigger host code execution, SSH key theft, and Docker socket escape. All three are patched in version 2026.6.6.