Researchers hid a prompt injection inside a PNG, and AI fell for it
3 Articles
3 Articles
New Ghostcommit Attack Hides Malicious Prompts in Images to Exploit AI Agents
A novel supply chain attack called “Ghostcommit” that conceals prompt-injection instructions within PNG images to bypass AI code reviewers and trick coding agents into leaking secrets such as .env files. The ASSET Research Group demonstrated that a pull request containing an explicit, plain-text instruction to exfiltrate a repository’s .env file is caught immediately by LLM-based […] The post New Ghostcommit Attack Hides Malicious Prompts in Ima…
‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets
Researchers have built a pull request that steals a repository’s secrets by hiding the malicious instruction inside a PNG that AI code reviewers never open. The reviewer waves the change through. Later, a coding agent reads the picture, opens the repo’s .env, and writes every key into the source as a harmless-looking list of numbers. How ‘Ghostcommit’ works The attack is joint work from the University of Missouri-Kansas City’s ASSET Research Gro…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium

