#CamoLeak is a high-severity #vuln in #GitHub #Copilot Chat (CVE-2025-59145, CVSS 9.6) that gives attackers the ability to silently steal source code, API keys & secrets from private repos w/o executing any malicious code. Good overview from @blackfogprivacy. https://api.cyfluencer.com/s/camoleak-how-github-copilot-became-an-exfiltration-channel-26669
CamoLeak: How GitHub Copilot Became An Exfiltration Channel

CamoLeak turned GitHub Copilot into a silent data exfiltration channel via prompt injection and GitHub's own image proxy. CVSS 9.6.

BlackFog