Security · 1h ago
OpenBSD Bug, GitHub AI Leak, CDN Script Risk Highlight Security Week
A use-after-free vulnerability in OpenBSD (CVE-2026-57589) allows local privilege escalation to root. Researchers demonstrated GitLost, a prompt injection attack that tricked GitHub's AI agent into leaking private repository data. An obfuscated bash script was found delivered via Akamai CDN on a Uniqlo t-shirt, raising supply chain concerns.
Meridian48 take
These incidents underscore that security vulnerabilities are not limited to software flaws but extend to AI agents and physical supply chains, demanding broader vigilance.
Read the full reporting
OpenBSD Privilege Escalation, GitHub AI Agent Leaks, & CDN Supply Chain Risks →
DEV Community
openbsdai-agent-security