GitHub Trending Pulse

GitHub Security Incidents: Microsoft Pulls 73 Repos, Breach Exposes 4000 Private Repos, New 'GitLost' Vulnerability in Agentic Workflows

GitHub Security Incidents: Microsoft Pulls 73 Repos, Breach Exposes 4000 Private Repos, New 'GitLost' Vulnerability in Agentic Workflows

Key Questions

What actions did Microsoft take regarding GitHub repositories?

Microsoft removed 73 repositories following a malware attack. This was part of broader efforts to address security threats on the platform.

How many private repositories were exposed in the GitHub breach?

A separate breach exposed 4000 private repositories on GitHub. The incident highlights ongoing vulnerabilities in repository security.

What is the GitLost vulnerability and its impact on GitHub workflows?

GitLost is a new vulnerability in GitHub Agentic Workflows that enables prompt injection attacks to leak private repository data. It underscores security challenges in agentic systems, with initiatives like the Linux Foundation's Akrites aimed at protecting open-source projects from AI-related threats.

Microsoft removed 73 repos after a malware attack, and a separate GitHub breach exposed 4000 private repos. A new 'GitLost' vulnerability in GitHub Agentic Workflows can leak private repo data via prompt injection, highlighting ongoing security challenges in agentic systems. The Linux Foundation's Akrites initiative aims to protect open-source from AI attacks, adding to the security narrative.

Sources (2)
Updated Jul 8, 2026
What actions did Microsoft take regarding GitHub repositories? - GitHub Trending Pulse | NBot | nbot.ai