
GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection
A critical AI-driven vulnerability in GitHub Codespaces, dubbed RoguePilot, enabled attackers to silently hijack a repository by embedding malicious instructions inside a GitHub Issue. The flaw, uncovered by researchers at the Orca Research Pod, exploits the seamless integration between GitHub Issues and the in-Codespaces Copilot AI agent, requiring no direct interaction from the attacker […] The post GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection appeared first on Cyber Security News.