GitHub, Copilot and Microsoft

Copilot exposes private GitHub pages, some removed by Microsoft
Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, Microsoft.
Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot
Lasso extracted a list of repositories that were public at any point in 2024 and identified the repositories that had since been deleted or set to private. Using Bing’s caching mechanism, the company found more than 20,000 since-private GitHub repositories still had data accessible through Copilot, affecting more than 16,000 organizations.
Microsoft Copilot continues to expose private GitHub repositories
A recent post alleged that ChatGPT (and, by association, Microsoft Copilot) was capable of accessing data from private GitHub repositories.
Thousands of GitHub repositories exposed via Microsoft Copilot
Thousands of private GitHub repositories, some of which possibly contained credentials and other secrets, are being exposed through Microsoft Copilot, the company’s Generative Artificial Intelligence (GenAI) virtual assistant, experts have warned. Cybersecurity researchers from Lasso reported their findings to Microsoft but got a mixed response.
Chatbots are surfacing data from GitHub repositories that are set to private
Popular chatbot services like Copilot and ChatGPT could theoretically be exploited to access GitHub repositories that their owners have set to private. According to Israeli security
Kaspersky warns of malware-ridden GitHub projects: how hackers are stealing credentials
Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm ...
CoinDesk3d
Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky
The attack starts with seemingly legitimate GitHub projects — like making Telegram bots for managing bitcoin wallets or tools ...
GitVenom attacks abuse hundreds of GitHub repos to steal crypto
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote ...
GitHub Copilot automatically checks the code of other members in the project
With the new Copilot review function, GitHub supports the work of development teams by automatically checking code.
Github Copilot Agent Mode : Free Autonomous AI Coding Assistant
The new GitHub Copilot Agent Mode offers natural language editing, self-healing code, and image-based coding for seamless ...
InfoQ3d
GitHub Copilot Extensions Integrate IDEs with External Services
Now generally available, GitHub Copilot Extensions allow developers to use natural language to query documentation, generate ...
GitHub Enterprise Server 3.16 shows detailed metrics on system health
The release candidate presents new features, including revised monitoring dashboards and user-defined properties for repo ...
EA open sources four more Command & Conquer games
Command & Conquer, Red Alert, Renegade, and Generals have all been added to EA’s GitHub page, joining the 2020 Remastered ...