Copilot exposes private GitHub pages, some removed by Microsoft

0

Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, Microsoft.

These repositories, belonging to more than 16,000 organizations, were originally posted to GitHub as public, but were later set to private, often after the developers responsible realized they contained authentication credentials allowing unauthorized access or other types of confidential data. Even months later, however, the private pages remain available in their entirety through Copilot.

AI security firm Lasso discovered the behavior in the second half of 2024. After finding in January that Copilot continued to store private repositories and make them available, Lasso set out to measure how big the problem really was.

Read full article

Comments

More Stories

Apple Sued for Claiming Its Watches Are “Carbon Neutral”

0

Apple to Unveil New “Age Assurance” System for Child Safety in Apps

0

This MagSafe power bank has fast charging and a smart display for $60 off

0

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Apple Sued for Claiming Its Watches Are “Carbon Neutral”

0

Apple to Unveil New “Age Assurance” System for Child Safety in Apps

0

This MagSafe power bank has fast charging and a smart display for $60 off

0

Neural: OpenAI announces GPT-4.5, ChatGPT’s largest and best model for chat

0

iPhone 17 CADs consistently show the same Air/Pro designs

0