GitHub, Copilot

Copilot exposes private GitHub pages, some removed by Microsoft
Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, Microsoft.
Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot
Lasso extracted a list of repositories that were public at any point in 2024 and identified the repositories that had since been deleted or set to private. Using Bing’s caching mechanism, the company found more than 20,000 since-private GitHub repositories still had data accessible through Copilot, affecting more than 16,000 organizations.
Chatbots are surfacing data from GitHub repositories that are set to private
Popular chatbot services like Copilot and ChatGPT could theoretically be exploited to access GitHub repositories that their owners have set to private. According to Israeli security
Microsoft Copilot continues to expose private GitHub repositories
A recent post alleged that ChatGPT (and, by association, Microsoft Copilot) was capable of accessing data from private GitHub repositories.
Thousands of GitHub repositories exposed via Microsoft Copilot
Thousands of private GitHub repositories, some of which possibly contained credentials and other secrets, are being exposed through Microsoft Copilot, the company’s Generative Artificial Intelligence (GenAI) virtual assistant,
Kaspersky warns of malware-ridden GitHub projects: how hackers are stealing credentials
Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm ...
Github Copilot Agent Mode : Free Autonomous AI Coding Assistant
The new GitHub Copilot Agent Mode offers natural language editing, self-healing code, and image-based coding for seamless ...
CoinDesk5d
Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky
The attack starts with seemingly legitimate GitHub projects — like making Telegram bots for managing bitcoin wallets or tools ...
Environmental Defense Fund1h
Groundwater Accounting Platform Adds Open-Source Access to Boost Sustainable Water Management
The Groundwater Accounting Platform — an increasingly popular water management tool — has released its source code with an eye to spurring collaboration.
GitVenom attacks abuse hundreds of GitHub repos to steal crypto
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote ...
GitHub Copilot automatically checks the code of other members in the project
With the new Copilot review function, GitHub supports the work of development teams by automatically checking code.
InfoQ5d
GitHub Copilot Extensions Integrate IDEs with External Services
Now generally available, GitHub Copilot Extensions allow developers to use natural language to query documentation, generate ...