TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
Find similarView original
The Hacker News avatar

TGINSIGHT POST

Post #8478

@thehackernews

The Hacker News

Views12,200Post view count
PostedFeb 2402/24/2026, 06:53 PM
Post content

Post content

⚠️ A flaw in #GitHub Codespaces let attackers hide malicious Copilot instructions inside a GitHub issue. When a developer opened a Codespace from that issue, Copilot could silently run the injected prompt and leak a privileged GITHUB_TOKEN. The research also warns of “promptware” attacks built entirely through prompts. 🔗 Exploit Details → https://thehackernews.com/2026/02/roguepilot-flaw-in-github-codespaces.html