
Summaries like this, in your inbox every morning.
Sign up free →Wiz Research used AI models to uncover a vulnerability in GitHub's internal git infrastructure that could have allowed attackers to access millions of public and private code repositories. GitHub's security team reproduced the vulnerability internally within 40 minutes, and the engineering team deployed a fix just over an hour after identifying the root cause.
The vulnerability was discovered in closed-source binaries using AI — described by Wiz as 'one of the first critical vulnerabilities discovered in closed-source binaries using AI' — and was 'remarkably easy to exploit' despite the complexity of GitHub's underlying system.
The issue was fixed within six hours of Wiz's report, with no evidence of exploitation found during a forensic investigation. The discovery earned one of the highest rewards available in GitHub's Bug Bounty Program.
No discussion yet for this article
Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.
Get Started FreeFree · takes 30 seconds · unsubscribe anytime
1 minute a day. The AI essentials.
200+ sources · Email / LINE / Slack