Bleepingcomputer
Ghostcommit Attack Exploits AI Reviewers to Steal Secrets
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Researchers from the ASSET Research Group demonstrated a new attack method called 'Ghostcommit' that hides malicious instructions within PNG images to bypass AI code reviewers. The attack exploits a significant gap in the review process, with a survey revealing that 73% of merged pull requests in active repositories receive no substantive human or bot review. The malicious payload, concealed in an image, instructs coding agents to read sensitive files like .env and exfiltrate secrets as seemingly harmless data. This attack method poses a serious risk to software supply chains, as compromised repositories can lead to extensive downstream damage. The researchers disclosed their findings to affected vendors and published a proof-of-concept on GitHub. The attack highlights vulnerabilities in AI-assisted code review processes and the need for improved security measures.
Key Points: • Ghostcommit attacks exploit AI code reviewers by hiding malicious instructions in PNG images. • 73% of merged pull requests in active repositories lack substantive human or bot review. • The attack can lead to significant data breaches and compromise software supply chains.