See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Volodymyr Zelenskyy
Ukraine War
Donald Trump
White House
Vladimir Putin
Social Media
US Politics
European Union
Ramadan
Oval Office
The Oscars
Basketball
Published loading...Updated

Copilot exposes private GitHub pages, some removed by Microsoft

  • Security researchers warn that data exposed to the internet can remain accessible in Microsoft Copilot, even if it has been made private.
  • Lasso, an Israeli cybersecurity firm, found more than 20,000 private GitHub repositories from over 16,000 organizations, including Microsoft, exposed through Copilot.
  • Lasso co-founder Ophir Dror stated that their own repository was indexed and cached by Bing before being set to private.
  • Microsoft classified the caching issue as low severity, stating the behavior is acceptable, but updated changes were made after the report.
Insights by Ground AI
Does this summary seem wrong?

9 Articles

All
Left
1
Center
3
Right
Tech SpotTech Spot

Chatbots are surfacing data from GitHub repositories that are set to private

Popular chatbot services like Copilot and ChatGPT could theoretically be exploited to access GitHub repositories that their owners have set to private. According to Israeli security firm Lasso, this vulnerability is very real and affects tens of thousands of organizations, developers, and major technology companies.Read Entire Article

Read Full Article
Ars TechnicaArs Technica

Copilot exposes private GitHub pages, some removed by Microsoft

Repositories once set to public and later to private, still accessible through Copilot.

·United States
Read Full Article
BoredPandaBoredPanda

Disney Worker Downloads Free AI Tool—Loses Job And $200,000 Bonuses

The life of a Disney worker took a dramatic turn when he was hacked after downloading a free AI tool to use with his children. Matthew Van Andel, a former engineer at the renowned company, downloaded the software from the code-sharing site GitHub in February 2024. The tool, supposedly designed to create images from text prompts, ended up being malware that gave hackers access to his personal information through a password manager. In July, five …

·Boston, United States
Read Full Article
TechCrunchTechCrunch

Thousands of exposed GitHub repos, now private, can still be accessed through Copilot

Data exposed even briefly can live on in generative AI chatbots long after the data is made private.

·United States
Read Full Article
dailyguardian.cadailyguardian.ca

Zapier says someone broke into its code repositories and may have accessed customer data

Hello, We are writing to inform you of a security incident. Due to a two-factor authentication (2FA) misconfiguration on an employee’s account, an unauthorized user gained access to certain Zapier code repositories. Normally, this would not impact our customers. Out of an abundance of caution, we audited the contents of the repositories, and we found that in isolated instances, certain customer information had been inadvertently copied to the re…

Read Full Article
Tech RadarTech Radar

Thousands of GitHub repositories exposed via Microsoft Copilot

Copilot has access to Bing's cache, but Microsoft isn't too worried.

·United Kingdom
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 75% of the sources are Center
75% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

TechCrunch broke the news in United States on Wednesday, February 26, 2025.
Sources are mostly out of (0)

Similar News Topics

Artificial Intelligence

Artificial Intelligence

Google

Google

Microsoft

Microsoft

Technology

Technology

Disney

Disney

IBM

IBM

ChatGPT

ChatGPT

You have read out of your 5 free daily articles.

Join us as a member to unlock exclusive access to diverse content.

News
For You
Search
BlindspotLocal