Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Ghostcommit Exploit Hides Malicious Code in Images

Ghostcommit Exploit Hides Malicious Code in Images

Posted on July 11, 2026 By CWS

Introduction to the Ghostcommit Exploit

The recent discovery of a supply chain attack dubbed “Ghostcommit” has raised significant concerns in cybersecurity circles. This sophisticated exploit camouflages harmful prompt-injection instructions within PNG images, effectively bypassing AI-powered code reviewers and deceiving coding agents into revealing sensitive information, such as .env files.

Ghostcommit represents a novel approach to cyber attacks, as it leverages the inherent weaknesses in AI systems. These systems, often tasked with reviewing code for vulnerabilities, can miss threats hidden within non-textual data formats like images.

Mechanics of the Ghostcommit Attack

The ASSET Research Group has demonstrated the Ghostcommit technique, illustrating how it cleverly circumvents detection mechanisms. Typically, AI reviewers like Cursor Bugbot and CodeRabbit can spot explicit text-based instructions to extract sensitive files. However, Ghostcommit’s ingenuity lies in its ability to split the malicious payload.

In this scenario, a seemingly benign AGENTS.md file instructs the coding agent to “derive a build constant” from a referenced image, which conceals the real threat. The image contains encoded instructions to read the .env file byte by byte, converting it into ASCII integers. Because AI reviewers treat images as opaque data, these malicious instructions go unnoticed.

Implications and Case Studies

The attack’s effectiveness is striking, as demonstrated in test environments where AI agents unknowingly execute the embedded instructions. For instance, a developer might trigger the exploit by requesting a routine feature, leading the agent to access and leak sensitive information.

In one test, the Cursor tool generated a tuple of 311 integers, embedding crucial secrets like API keys and database credentials directly in the code. Attackers can then easily decode these integers back into plaintext, exploiting the overlooked vulnerabilities.

Broader Impact and Defense Strategies

The Ghostcommit exploit highlights two critical blind spots in current code review processes: the invisibility of malicious instructions within images and the unconventional encoding of secrets as numeric tuples. These gaps reveal the limitations of existing detection tools, which typically search for recognizable string patterns.

Research shows varying outcomes depending on the tools and models used. Notably, while some combinations like Cursor and Sonnet 4.6 leaked data, others like Claude Code resisted the attack. This variability underscores the need for robust, adaptable defenses.

Future Outlook and Mitigation

In response, researchers have developed a prototype multimodal GitHub review application. This tool integrates invisible-character detection, code-shape analysis, and thorough LLM evaluations of both code text and images. Initial tests have shown promising results, identifying all malicious requests without false positives.

As the cybersecurity landscape evolves, understanding and countering sophisticated tactics like Ghostcommit becomes crucial. Sharing knowledge and developing innovative solutions will be key to protecting sensitive data from future threats. The open-source release of Ghostcommit’s proof of concept provides a valuable resource for defenders aiming to bolster their defenses against similar exploits.

Cyber Security News Tags:AI agents, AI security, AI vulnerabilities, code injection, code review, Cybersecurity, Ghostcommit, image-based attack, Malware, supply chain attack

Post navigation

Previous Post: Ghost Accounts Exploit GitHub API in Major Reconnaissance Effort
Next Post: Compromised jscrambler npm Package Drops Infostealer

Related Posts

Aembit Enhances IAM for Microsoft’s Copilot Studio Aembit Enhances IAM for Microsoft’s Copilot Studio Cyber Security News
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats Cyber Security News
Claude Code Flaws Risk Remote Code Attacks Claude Code Flaws Risk Remote Code Attacks Cyber Security News
Ransomware Gangs Leveraging RMM Tools to Attack Organizations and Exfiltrate Data Ransomware Gangs Leveraging RMM Tools to Attack Organizations and Exfiltrate Data Cyber Security News
Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 Cyber Security News
KongTuke Attacking Windows Users With New Interlock RAT Variant Using FileFix Technique KongTuke Attacking Windows Users With New Interlock RAT Variant Using FileFix Technique Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Compromised jscrambler npm Package Drops Infostealer
  • Ghostcommit Exploit Hides Malicious Code in Images
  • Ghost Accounts Exploit GitHub API in Major Reconnaissance Effort
  • MacOS Screen Sharing Issue in Microsoft Teams
  • Zimbra Security Update Urges Users to Patch Critical Flaw

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Compromised jscrambler npm Package Drops Infostealer
  • Ghostcommit Exploit Hides Malicious Code in Images
  • Ghost Accounts Exploit GitHub API in Major Reconnaissance Effort
  • MacOS Screen Sharing Issue in Microsoft Teams
  • Zimbra Security Update Urges Users to Patch Critical Flaw

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark