The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

The invisible threat hidden in clear view: how Unicode characters are being weaponized to hide malicious commands from human users

Research from BeyondTrust Phantom Labs found the vulnerability stems from improper input sanitization in how Codex processed ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...
Windows Latest

Microsoft says Copilot ad in GitHub pull request was a bug, not an advertisement

Microsoft has denied the GitHub Copilot ad reports and told Windows Latest that it does not plan to show ads on GitHub.

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
CSO Online

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
TechJuice

OpenAI Patches ChatGPT Bug That Could Have Leaked All Your Conversations

OpenAI patches ChatGPT vulnerability that allowed silent data exfiltration and fixes Codex flaw exposing GitHub tokens.