Microsoft discovers Claude Code vulnerability that could leak GitHub credentials - Wedoany

Homepage News Details

Microsoft discovers Claude Code vulnerability that could leak GitHub credentials

2026-06-08 09:44

Favorite

en.Wedoany.com Reported - Microsoft researchers have discovered a vulnerability in the GitHub automation workflow of Anthropic's Claude Code that could lead to the leakage of confidential information in continuous integration/continuous deployment workflows, allowing attackers to steal sensitive credentials through prompt injection attacks.

Microsoft warns that Claude Code has a vulnerability that could lead to the leakage of GitHub account credentials

Microsoft's threat intelligence team initiated this research after detecting attempts at prompt injection targeting AI-assisted GitHub workflows in public code repositories. Prompt injection is a type of AI security vulnerability where attackers embed misleading instructions in content processed by large language models, manipulating the model's behavior to disregard preset instructions. Researchers cited an example where an attacker hid injection instructions within HTML comments, which are invisible in the GitHub display interface but can be recognized by AI models reading the raw Markdown source code. The code repository at that time used GitHub automation workflows to automatically handle issue tickets.

Attackers can disguise malicious instructions as ordinary feature requests. Without needing project modification permissions, they only need to submit a GitHub issue to trick the AI bot into performing modification operations on their behalf. Microsoft confirmed that similar prompt injection methods can also target Anthropic's Claude Code GitHub automation workflows. Previously, Anthropic had set up sandbox protections for some tools, but Microsoft found that the read tool used by Claude for reading files was not subject to the same security restrictions. Researchers created a prompt injection attack payload for verification testing. In the test, the malicious prompt successfully bypassed two layers of protection, inducing the AI assistant to read system files containing API keys and other credentials.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com

Information and Communication Information Security and Data Security Engineering Artificial Intelligence Engineering

Previous：Philippine Airlines Resumes Saipan Flights in June

Next：UK Police Told to Stop Using AI for Court Statements Over Concerns of False Content

Mine Explosion-proof and Intrinsically Safe Industrial Ethernet Ring Network (10 Gigabit/Gigabit)

Chongqing Mas Sci&Tech Co., Ltd.

Single-mode Fiber G.652B

SHENZHEN SDG INFORMATION CO., LTD.

Comprehensive Mining Automation Control System

Beijing Tianma Intelligent Control Technology Co., Ltd.

Negotiable /Set

Bolande Application Server Software V9.5

Beijing Baolande Software Corporation

Intelligent Warehousing

Jiangsu Zhongtian Technology Co., Ltd.

Neolix X3 Autonomous Delivery Vehicle

Neolix Beijing Technology Co., Ltd.

MUX Series Communication Interface Device for Security and Stability Control System

Nanjing NR Electric Co., Ltd.

Industrial and Commercial Point-Type Gas Detector

Jinan Benan Technology Development Co., Ltd.

G.652.D Wavelength-extended Non-dispersion Shifted Single-mode Optical Fiber

HONGAN GROUP CO., LTD.

Automatic Aiming Laser Remote Obstacle Removal Robot

Pinggao Group Weihai High-Voltage Apparatus Co., Ltd.

QPS-20A Redundant Power Fast Switcher

CHN ENERGY ZHISHEN CONTROL TECHNOLOGY CO., LTD.

Hangzhou GOLONG Technology Co., Ltd.

Related Recommendations

Microsoft Unveils Proprietary AI Stack and Quantum Chip

SpaceX's $4 Trillion Valuation May Trigger Investor Portfolio Rebalancing

South Korea's LG Group Partners with NVIDIA to Build AI Factories, Advancing Robotics and Autonomous Driving

Silicon Valley, USA: Lim Meng Hoong Says AI Enters a New Era of Scientific Infrastructure

Malaysia's VCI Global Launches AI-Native Business Operating System Galactic OPC

China Tianjin International Ship Industry Expo Opens, Focusing on AI Opportunities

US Healthcare AI Survey: 34% of Patients Willing to Let AI Read Full Medical Records

U.S. Senseonics Releases Eversense 365 Real-World Data at ADA: Involving 12,000 Sensors

IAEA Introduces Artificial Intelligence into Radiotherapy Database

Shanghai Senior Care Expo Showcases Thousand-Yuan AI Elderly Care Products

Lastest Bulletin

U.S. President Trump Discusses Agricultural Issues with Farmers in Wisconsin

Puno Region Launches 42 Million Sol Alpaca Project

Peru's Villa Rica "Roots of a Century" Fair to Open with Over 40 Producers

Polymer Flooding Pilot in Daqing Oilfield's Type III Reservoirs Boosts Recovery Factor by 12.69 Percentage Points

EU-Mercosur Agreement Drives Argentina's Economic Transformation

Microsoft Unveils Proprietary AI Stack and Quantum Chip

SpaceX's $4 Trillion Valuation May Trigger Investor Portfolio Rebalancing

Construction Begins on First Top Arch Layer of Underground Powerhouse at China's Qinghai Warang Pumped Storage Power Station

German K+S Group acquires Polish Qemetica's salt business for €350 million

CRRC Zhuzhou Locomotive Completes First Batch of O‘zbekiston Electric Locomotive Overhauls and Delivers to Uzbekistan