A prompt injection attack can trick GitHub’s preview Agentic Workflows into retrieving content from private repositories and publishing it publicly, exposing a broader risk as enterprises deploy AI agents with privileged access to software development environments, according to new research from Noma Security.
The AI security company detailed the attack, dubbed GitLost, in a blog post, saying an unauthenticated attacker could exploit GitHub’s preview Agentic Workflows by submitting a crafted GitHub issue to a public repository. If the AI agent has read access to private repositories within the same organization, it can retrieve sensitive information and publish it in a public comment, the company said.
GitHub Agentic Workflows combine GitHub Actions with AI models such as Claude or GitHub Copilot, allowing developers to define workflows in Markdown. At the same time, AI agents read issues, invoke tools, and perform tasks on their behalf.
“What will happen when the GitHub agent reads so
The post Q1 2026 Data Shows Open Source Collaboration Hits New Highs appeared on BitcoinEthereumNews.com.
Timothy Morano
Jul 07, 2026 16:55
GitHub’s Q1 2026 Innovation Graph reveals 16% growth in cross-border developer collaboration, the fastest pace since Q2 2020.
GitHub’s Innovation Graph for Q1 2026 confirms a surge in global open-source collaboration, with cross-border developer activity growing 16% quarter-over-quarter. This marks the second-highest growth rate since tracking began in 2020, trailing only the 21% spike seen in Q2 2020 during the initial pandemic-driven tech boom. The ‘economy collaborators’ metric, which tracks the total volume of git pushes and pull requests between developers across different economies, highlighted this acceleration. The data suggests that open-source software development is continuing to break down borders, with a sharp rise in international contributions. Key Highlights by Economy While the growth is global, regional trends st
Microsoft has fitted the June 2026 update to Visual Studio IDE with a GitHub Copilot usage window that gives a clearer view of where a user stands against the GitHub’s new usage-based model. The update also adds trust validation for Model Context Protocol (MCP) servers.
GitHub Copilot usage now is calculated based on token consumption rather than by request, as part of GitHub’s new usage-based billing model, Microsoft said on June 30. The refreshed usage window in Visual Studio gives a clearer view of the stance against that model, with real-time updates as the developer works. This can be opened by selecting Copilot Usage from the Copilot badge menu.
GitHub Copilot switched to usage-based billing on June 1.
Also with the June update, Visual Studio now validates MCP server trust in two places during startup. Before the MCP server process starts, the current configuration is compared against a previously trusted baseline. After it starts, the fingerprint of its tools, prompts, resourc
JetBrains has announced JetBrains AI for Teams and Organizations, an initiative that promises to deliver a broad set of AI capabilities that connects AI tools developers already use with shared context, reusable agentic workflows, and organization-wide governance and cost control for software production. The intent is to move users from fragmented AI usage to coordinated software development, the company said.
Unveiled July 7, JetBrains AI for Teams and Organizations will provide a unified system for agentic software development, according to the company. Vendor-agnostic by design, JetBrains AI for Teams and Organizations will connect external tools via Model Context Protocol (MCP) and external agents via Agent Client Protocol (ACP). Organizations will be able to evolve their AI stack without sacrificing governance or developer choice, the company said.
Alongside new capabilities, JetBrains plans to evolve its commercial model to better support AI-powered software development. For bus
Behind a customer's API, a high-quality answer isn't enough. It has to be usable, which means on time. Delivering that consistently is a problem about variance, not speed, and the fixes are counterintuitive.
The post Tail Control: The Counterintuitive Engineering of Reliable Agentic Workflows appeared first on Towards Data Science.
Explore the best local coding models for private AI coding, fast GGUF inference, agentic workflows, multimodal development, and running powerful open models on your own GPU.
Stung by a surge in cyberattacks that have run amok in developer environments, GitHub has strengthened the security of actions/checkout to block ‘pwn request’ attacks that exploit insecure use of the pull_request_target workflow trigger to run an attacker’s code with the workflow’s full privileges.
Announced on June 18, actions/checkout v7 now automatically blocks and fails workflows when used inside pull_request_target or workflow_run events when attempting to fetch unreviewed fork pull request code.
From now on, the only away around these checks will be for developers to implement an opt out by adding an explicit allow-unsafe-pr-checkout to actions/checkout, GitHub said in its V7 changelog.
The change signals the beginning of a new ‘secure by default’ era in which security will be defined by the GitHub system rather than being left to discretion of developers. As part of that effort, on July 16, the new defaults will be backported to all supported major versions.
“Workflows pinned to
An attacker forged withdrawal proofs using an RSA-3072 private key accidentally committed to Taiko’s public raiko GitHub repository, draining $1.7 million from L1 bridge contracts and forcing the protocol to halt block production and urge all users to exit.