CVE-2023-52685 | Linux Kernel up to 6.7.1 pstore persistent_ram_init_ecc integer overflow (WID-SEC-2024-1188)
This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.
A novel supply chain attack called “Ghostcommit” that conceals prompt-injection instructions within PNG images to bypass AI code reviewers and trick coding agents into leaking secrets such as .env files. The ASSET Research Group demonstrated that a pull request containing an explicit, plain-text instruction to exfiltrate a repository’s .env file is caught immediately by LLM-based […]
The post New Ghostcommit Attack Hides Malicious Prompts in Images to Exploit AI Agents appeared first on Cyber Security News.