Ghostcommit attack hides malicious AI instructions in images


Ghostcommit is a proof of concept that shows how AI assistants used to review software code can be tricked by hidden instructions embedded in images.

The academic ASSET Research Group showed that an attacker can place instructions inside an image file, point to it in an AGENTS.md file, and get an AI coding agent to follow those instructions during a later task.

A pull request is basically a formal “please review and add my changes” request that a developer sends before changes are added to the main version of a software project. Human reviewers and, increasingly, AI coding tools may review the changes before they’re accepted.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • UK: Military reviews Army’s use of Chinese technology to make weapons

    April 18, 2026

    The Defence Secretary has ordered an investigation after The Telegraph revealed that the British Army was using Chinese 3D printers to build weapons. Last year, it was revealed that British troops were taking the technology with them into the field and using it to make “suicide drones” for attack missions, despite national security concerns. Army officers said ...

  • Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign

    April 17, 2026

    IoT devices are increasingly prime targets for large-scale attacks due to their widespread use, lack of patching, and often weak security settings. Threat actors continue exploiting known vulnerabilities to gain initial access and deploy malware that can persist, spread, and cause distributed denial-of-service (DDoS) attacks. FortiGuard Labs has analyzed a recent campaign exploiting CVE-2024-3721 in TBK ...

  • Cisco tells Webex users to patch critical security flaws immediately

    April 17, 2026

    Cisco has pushed a new patch to address four critical-severity vulnerabilities plaguing its cloud-based Webex Services platform – and has also warned Wi-Fi access points users of a bug in certain versions of IOS XE that could result in a device bootloop. Webex Services is a platform for communication and collaboration, letting people hold video meetings, ...

  • Adapt or pay: an analysis of the AdaptixC2 framework

    April 17, 2026

    As highlighted in our previous post about the Mythic framework, threat actors are rapidly adopting emerging technologies and frameworks. A prime example of this trend is AdaptixC2, a relatively new open-source post-exploitation framework that has quickly captured the attention of the offensive security community. Its popularity stems from its open-source nature and high extensibility; the framework ...

  • British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency

    April 17, 2026

    SANTA ANA, California – A United Kingdom man pleaded guilty today to conspiring with others to hack into the computer systems of at least a dozen companies via text message phishing attacks and to steal at least $8 million in virtual currency from individual victims throughout the United States. Tyler Robert Buchanan, 24, of Dundee, Scotland, ...

  • Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

    April 16, 2026

    Microsoft Threat Intelligence uncovered a macOS‑focused cyber campaign by the North Korean threat actor Sapphire Sleet that relies on social engineering rather than software vulnerabilities. By impersonating a legitimate software update, threat actors tricked users into manually running malicious files, allowing them to steal passwords, cryptocurrency assets, and personal data while avoiding built‑in macOS security checks. ...