The integration of AI coding agents has introduced new, high-impact attack surfaces for development teams. Phantom Labs at BeyondTrust recently discovered a critical command-injection vulnerability in OpenAI Codex. This flaw allowed attackers to steal sensitive GitHub User Access Tokens. By exploiting how Codex handles task creation requests, threat actors could laterally move into an organization’s […] The post OpenAI Codex Vulnerability Allows Attackers to Steal GitHub Access Tokens appeared first on Cyber Security News.