Comment and Control: Prompt Injection Turns GitHub Comments into Credential Theft
Overview Researchers have disclosed a critical cross‑vendor vulnerability class dubbed “Comment and Control”, which weaponizes GitHub pull request titles, issue bodies, and comments to hijack […]