EventCybersecurityJuly 8, 2026

Critical vulnerability exposes GitHub agentic workflows to prompt injection

Attackers can exploit crafted public GitHub issues to inject prompts into AI-powered workflows, gaining access to private repository data without authentication. The vulnerability affects GitHub's agentic workflow features and was reported by researchers.

1 source