AI coding agent flaw exposed: GitHub tokens at risk
Researchers at BeyondTrust Phantom Labs have identified a critical command injection vulnerability in OpenAI’s Codex cloud environment that exposed GitHub OAuth tokens directly from the agent’s execution environment. The vulnerability stemmed from
