{"data":{"id":"6f35083f-30f4-4927-87c2-f56f8a6b4b2a","title":"'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets","summary":"Researchers discovered 'Ghostcommit', an attack that hides prompt injection (tricking an AI by embedding hidden instructions in its input) inside PNG image files within code repositories to steal secrets. When a human code reviewer approves a pull request containing a malicious image, an AI coding agent later reads the image, extracts instructions to steal sensitive credentials from .env files (configuration files containing secret keys), and encodes them as numbers in the code where they go undetected by security scanners.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"https://www.bleepingcomputer.com/news/security/ghostcommit-hides-prompt-injection-in-images-to-fool-ai-agents-steal-secrets/","publishedAt":"2026-07-11T09:03:57.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Cursor","Claude Sonnet","CodeRabbit","Gemini CLI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-11T09:03:57.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}