Generative AI's Ghost in the Machine: Copilot Leaks Private GitHub Repos

2025-02-26

Israeli cybersecurity firm Lasso discovered that GitHub repositories that were public even briefly can be cached long-term by generative AI chatbots like Microsoft Copilot. Over 20,000 once-public repositories from major companies including Microsoft, Amazon, and Google are affected. Even after these repositories are set to private, Copilot can access their contents via Bing's caching mechanism, exposing sensitive data such as keys and tokens. Lasso notified affected companies, but Microsoft initially classified the issue as "low severity." While Microsoft disabled Bing cache links, Copilot still retains access, highlighting significant data security risks in generative AI.