Inside Ghostcommit: How Malicious PNGs Bypass AI Code Reviewers
Summary
Ghostcommit is a novel supply chain exploit that uses malicious PNG images containing text instructions to bypass AI code reviewers, leading to data exfiltration from developer environments.
Similar Articles
'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
Researchers demonstrate a new prompt injection attack where malicious instructions hidden in images bypass AI code reviewers and cause coding agents to leak repository secrets.
GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos
Noma Labs discovered a critical prompt injection vulnerability in GitHub's Agentic Workflows, allowing unauthenticated attackers to exfiltrate data from private repositories by posting a crafted GitHub issue in a public repository of the same organization.
Incident CVE-2026-LGTM
A satirical incident report detailing how a malicious package bypassed multiple AI-powered security gates due to various failures, resolved only when the attacker's agent read a file it shouldn't have.
Config Files That Run Code: Supply Chain Security Blindspot
Config files for IDEs, AI coding agents, and package managers can execute code automatically, creating a supply chain security blindspot. The article details the Miasma worm attack that uses such config files to drop malware, and provides examples of injection vectors.
The AI Workspace Hijack: Anatomy of the Jscrambler NPM Attack
Attackers hijacked Jscrambler's NPM credentials to release malicious versions that steal API keys and developer history from AI tools like Cursor and Claude Desktop using an undocumented Rust-based infostealer.