Breaking 10:45 Chanel expands in California with the acquisition of a new vineyard estate 10:40 Sunkissed makeup dominates spring 2026 beauty trends 10:30 Fight against illiteracy in Morocco: 2.4 million beneficiaries in three years 10:20 Gartner warns most ai driven mainframe migrations will fail 10:15 French competition watchdog fines retailers €12.7 million over organic products cartel 10:00 Brazilian payments firm ebanx expands into southeast Asia markets 10:00 New method hunts alien life through planetary patterns not biosignatures 09:45 Bulgaria’s pro-Russian former president leads election race on anti-corruption platform 09:40 Bitcoin proposal seeks to freeze satoshi era coins over quantum risk 09:30 El Al expands boeing deal with order for six additional dreamliners 09:20 Researchers hijack ai agents via github prompt injection attacks 09:15 Stellantis to end car production at poissy plant by 2029 09:00 India-Zambia talks on critical minerals stall over mining rights concerns 09:00 Mars bathtub ring discovery points to long lasting ancient ocean 08:45 Flydubai resumes flights to Beirut as regional air travel recovers 08:40 Largest gravity test confirms Newton and Einstein across cosmic scales 08:30 Jd sports exits applied nutrition stake in multimillion-dollar deal 08:20 Ai models can pass hidden traits through unrelated data study finds 08:15 Air liquide invests in Japan to support next-generation ai chip production 08:00 Hays reports decline in net fees as hiring demand weakens in Germany 07:50 Nikkei hits record high as US Iran talks lift markets 07:45 Eqt relaunches sale of ginko with billion-dollar valuation target 07:30 Inditex reports unauthorised access to transaction databases 07:15 UK economy posts stronger-than-expected growth in early 2026 07:00 Easyjet warns of rising losses amid fuel surge and legal costs 06:20 Transforming imperfections into works of art 17:30 Tunisia faces controversy after MP’s remarks on rape and migrant women 17:20 Apple expands ads in maps as unified business platform rolls out 17:15 The BBC to cut 2,000 jobs in its largest redundancy plan in 15 years 17:00 Fossid unveils real time compliance tool for ai generated code 17:00 Robinhood and Webull jump after US SEC approves removal of day-trading limits for small investors 16:45 Britain may extend ban on gagging orders covering workplace abuse 16:40 RAVE token surge triggers $30 million liquidations amid manipulation claims 16:30 Big advertising agencies settle US FTC probe over alleged boycott of political content 16:20 VW warns China car market may shrink for first time since 2018 16:15 Nigeria’s inflation rises for the first time in a year in March 16:00 GreenChemAfrica strengthens its presence in Africa 16:00 Steve Aoki exits crypto holdings as Bored Ape NFTs lose 88% value 15:45 BYD avoids price war in South Africa to strengthen its electric vehicle brand 15:40 Anthropic shifts to usage pricing for enterprise AI customers 15:30 Eu challenges Meta over WhatsApp AI fees amid competition concerns 15:20 European farmers cut crops as Iran war disrupts fertilizer supply 15:15 Zelensky meets Meloni in Rome to advance talks on Ukraine war cooperation 15:01 Phil Collins and Oasis set for induction into the rock and roll hall of fame 15:00 Tesla completes AI5 chip design with mass production targeted for 2027 14:45 Canadian author Jon Klassen wins Astrid Lindgren Award for children's literature 14:40 Renewables offset Hormuz crisis as fossil power output falls 14:30 Africa trade insurer seeks $500 million to offset rising costs linked to Middle East conflict 14:20 Unitree launches $8,200 humanoid robot globally via AliExpress 14:15 Germany pledges €212 million in aid for Sudan at Berlin conference 14:00 Donald Trump threatens to reconsider trade deal with the United Kingdom 13:50 China aluminum exports set to surge amid Gulf supply disruption 13:45 Switzerland considers stricter rules on foreign real estate purchases 13:33 Adobe launches AI assistant for creative tools with integration of Anthropic’s Claude 13:20 Norway gains $5 billion windfall as Iran war reshapes Europe energy 13:17 Investigation underway after mother confesses to killing two children in Lebanon 13:05 Easyjet launches its first African base in Marrakech menara 13:00 China green tech exports surge as oil shock boosts EV demand 12:40 Gold holds near record as oil slips on US Iran talks hopes 12:30 Pope arrives in Cameroon with peace message for Anglophone regions 12:20 Moroccan women riders gain global spotlight in tbourida tradition 12:15 Snap to lay off about 16% of staff 12:00 Czech president says Israel’s security must not come at the expense of others in the region 11:50 Marrakech to host global tourism innovation and investment conference 11:45 Sweden foils pro-Russian cyberattack on thermal power plant 11:40 Casablanca to host industrial transformation Africa summit in 2026 11:30 Botswana has not requested stake in Lobito refinery, Angola’s Sonangol says 11:20 Mohammed VI tower inaugurated as landmark of Morocco’s modern skyline 11:17 Aziz Akhannouch announces 581 billion dirhams in approved investment projects 11:15 Greece proposes renewal of central bank governor Yannis Stournaras’ term 11:09 Tourism in Morocco: Aziz Akhannouch announces record revenues of 138 billion dirhams 11:00 Washington expands funding for HIV preventive treatment, with Morocco among targeted countries 11:00 ReparTrust.com wins Africa insurance trophy for automotive claims innovation

Researchers hijack ai agents via github prompt injection attacks

09:20
By: Dakir Madiha
Researchers hijack ai agents via github prompt injection attacks

Security researchers have demonstrated how artificial intelligence agents from Anthropic, Google and Microsoft can be compromised through prompt injection attacks hidden in GitHub workflows. The technique allowed attackers to extract API keys, GitHub tokens and other sensitive data without direct system access, raising concerns about the security of AI driven development tools.

The research was conducted at Johns Hopkins University, where Aonan Guan and colleagues identified a vulnerability in AI agents integrated into software development pipelines. These agents analyze pull requests and issues on GitHub. By embedding malicious instructions in pull request titles or issue comments, attackers could manipulate the agents into revealing confidential information during automated reviews.

The attack relies on how these systems process context. AI agents treat user generated text such as titles, comments and issue descriptions as trusted input. Guan showed that carefully crafted prompts can override built in safeguards. In one case, the Claude based security review tool processed a malicious title and exposed sensitive credentials in its automated response. The researcher described the method as “comment and control,” since the full attack cycle occurs داخل GitHub without external infrastructure.

The same approach proved effective against multiple systems. Google’s Gemini CLI agent was tricked into exposing its API key by disguising malicious instructions as trusted content. Microsoft’s GitHub Copilot agent was manipulated using hidden HTML comments embedded in Markdown, invisible to users but readable by the AI system. This method bypassed multiple layers of runtime protection.

Despite the severity, responses from the affected companies remained limited. Anthropic issued a small bug bounty and added a documentation warning. Google and Microsoft also paid rewards through their vulnerability programs. None of the companies released formal security advisories or assigned CVE identifiers, leaving many users unaware of potential exposure, especially those running outdated versions.

The findings highlight broader structural risks in AI agent ecosystems. A separate analysis by OX Security identified a critical flaw in Anthropic’s Model Context Protocol, which connects AI agents to external tools. The vulnerability could enable arbitrary command execution on affected servers, impacting widely used software components.

These incidents build on earlier research by Aikido Security, which showed that prompt injection attacks can compromise AI systems embedded in CI CD pipelines. This class of vulnerabilities, sometimes referred to as “PromptPwnd,” demonstrates that AI agents can be manipulated in ways similar to phishing attacks, but targeting machines instead of users.

Keywords:



Latest News
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.