A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue.
The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure.
„Attackers can craft hidden instructions inside a
https://thehackernews.com/2026/02/roguepilot-flaw-in-github-codespaces.html