ADVERTISEMENT

Researchers hijack popular AI agents from Anthropic, Google, and Microsoft: vendors choose to stay silent

Security researchers have hijacked three popular AI agents that integrate with GitHub Actions using a new type of prompt-injection attack to steal API keys and access tokens. The problem is most probably pervasive, they warn, and lament that the major vendors running the agents didn’t even think to disclose the issue.

claude-gemini-copilot

Image by Cybernews.

Gintaras Radauskas
Gintaras Radauskas Senior Journalist
Apr 16, 2026 3 min read
claude code leak
Image by Cybernews.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites
ADVERTISEMENT
But if Guan’s work is any sign of the future, public disclosure is something that AI firms will still need to work on.
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

ADVERTISEMENT