Microsoft-Defender | GRID THE GREY

LIVE THREATS

MEDIUM AI Security M&A Surge: Agentic Identity, LLM Evaluation, and Browser Control Targeted // HIGH Claude Code GitHub Action Leaked CI/CD Secrets via Prompt Injection // HIGH Gartner Flags Deepfakes and Prompt Injection Among Top Attacker Advantages // MEDIUM OpenAI Lockdown Mode Targets Prompt Injection Data Exfiltration Vector // HIGH Prototype AI Worm Carries Embedded LLM for Decentralised Self-Propagation // HIGH Unauthorized Access to Anthropic's Claude Mythos Exposes Agentic AI Defense Risks // MEDIUM Microsoft Scout Autonomous Agent Expands Attack Surface Across Microsoft 365 // HIGH High-Autonomy AI Agents With Broad Permissions Pose Enterprise Security Crisis // HIGH Indirect Prompt Injection via Notifications Hijacks Google Gemini on Android // HIGH Only 11 of 100 AI Agents Pass Security and Capability Benchmarks //

1 report

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

Claude Code GitHub Action Leaked CI/CD Secrets via Prompt Injection

ATLAS OWASP HIGH Microsoft Security Blog Jun 08, 2026 ▲ 9.1

Claude Code GitHub Action Leaked CI/CD Secrets via Prompt Injection

Microsoft Threat Intelligence disclosed a vulnerability in Anthropic's Claude Code GitHub Action whereby prompt injection via untrusted GitHub content — issue bodies, PR descriptions, and comments — …

AML.T0051 - LLM Prompt Injection AML.T0057 - LLM Data Leakage AML.T0047 - ML-Enabled Product or Service