BleepingComputer reports that agentic coding tools can be manipulated by a seemingly benign GitHub repository into running malware that stays hidden from security scanners, AI agents, and human reviewers, highlighting new risks for open-source development workflows.
Clean GitHub repo tricks AI coding agents into running malware
Source: BleepingComputer