

CamoLeak Attack Exploits GitHub Copilot for Data Exfiltration

1 unique source, 1 article

Summary


A new proof-of-concept (PoC) attack, dubbed 'CamoLeak,' demonstrates how GitHub Copilot can be exploited to exfiltrate sensitive user data through a series of complex steps. The attack leverages hidden comments and image tags to bypass GitHub's security features, allowing an attacker to steal small amounts of data, such as passwords or private keys, without detection. The attack involves two main phases: prompt injection to influence Copilot's output and a bypass of GitHub's Camo security feature using invisible image tags. GitHub has since disabled image rendering in Copilot chat to mitigate this risk. The technique is not suitable for large-scale data exfiltration but can selectively leak sensitive information within minutes.

Timeline

  1. 09.10.2025 22:56 · 1 article

    CamoLeak Attack Demonstrates Data Exfiltration via GitHub Copilot

    A new proof-of-concept (PoC) attack, dubbed 'CamoLeak,' shows how GitHub Copilot can be exploited to exfiltrate sensitive user data. The attack involves using hidden comments and image tags to bypass GitHub's Camo security feature, allowing an attacker to steal small amounts of data without detection. GitHub has disabled image rendering in Copilot chat to prevent real attackers from using this technique.


Information Snippets

  • The CamoLeak attack exploits GitHub Copilot to exfiltrate sensitive user data through hidden comments and image tags.

    First reported: 09.10.2025 22:56
    1 source, 1 article
  • The attack involves two phases: prompt injection to influence Copilot's output and a bypass of GitHub's Camo security feature.
  • GitHub's Camo feature acts as a secure proxy for third-party images, breaking direct links between users and hosting sites.
  • The attacker uses invisible image tags to represent ASCII characters, encoding sensitive data as sequences of image requests.
  • GitHub has disabled image rendering in Copilot chat to prevent real attackers from using the CamoLeak trick.
  • The attack is not suitable for large-scale data exfiltration but can selectively leak sensitive information within minutes.