GitHub Copilot Attack Exploits Issues for Repository Takeover

GitHub Copilot Attack Exploits Issues for Repository Takeover

First seen 24 Feb 2026, 16:13 UTC Feeds.FeedburnerCybersecuritynewsScworld 83% similarity 34.8

Article Content

Browse articles
ThreatCluster

A cybersecurity incident has emerged where attackers exploited GitHub Issues to inject malicious instructions that are processed by Copilot during the launch of a Codespace. This attack leverages the zero-day vulnerability CVE-2026-22769, which was recently exploited by a Chinese cyberespionage group. Affected users may face repository takeovers due to this exploitation.

ThreatCluster AI

Timeline

2026-02-17
CVE-2026-22769 published
2026-02-18
CVE-2026-22769 added to CISA KEV for active exploitation
2026-02-24
Articles published detailing the Copilot attack

Community

Browse all →