Ghostcommit Attack Exploits AI Reviewers to Steal Secrets

Ghostcommit Attack Exploits AI Reviewers to Steal Secrets

First seen 11 Jul 2026, 09:52 UTC BleepingcomputerGround.Newsasset-group.github.iowww.manifold.securitygithub.com+3 89% similarity 66.0

Article Content

Browse articles
ThreatCluster

Researchers from the ASSET Research Group demonstrated a new attack method called 'Ghostcommit' that hides malicious instructions within PNG images to bypass AI code reviewers. The attack exploits a significant gap in the review process, with a survey revealing that 73% of merged pull requests in active repositories receive no substantive human or bot review. The malicious payload, concealed in an image, instructs coding agents to read sensitive files like .env and exfiltrate secrets as seemingly harmless data. This attack method poses a serious risk to software supply chains, as compromised repositories can lead to extensive downstream damage. The researchers disclosed their findings to affected vendors and published a proof-of-concept on GitHub. The attack highlights vulnerabilities in AI-assisted code review processes and the need for improved security measures.

Key Points: • Ghostcommit attacks exploit AI code reviewers by hiding malicious instructions in PNG images. • 73% of merged pull requests in active repositories lack substantive human or bot review. • The attack can lead to significant data breaches and compromise software supply chains.

ThreatCluster AI

Timeline

2026-07-11
Ghostcommit attack demonstrated
ASSET Research Group revealed a method to steal secrets by hiding instructions in PNG images, bypassing AI code reviewers.
BleepingComputer
2026-07-12
Research findings disclosed to vendors
The ASSET Research Group shared their findings on the Ghostcommit attack with affected vendors to mitigate risks.
Ground.News
2026-07-12
Proof-of-concept published on GitHub
The researchers published a proof-of-concept for the Ghostcommit attack, demonstrating its effectiveness.
asset-group.github.io

Community

Browse all →