Researchers discover OpenAI Codex vulnerability involving Unicode characters

Hackers can steal your GitHub tokens through OpenAI’s Codex using nothing more than a sneaky branch name ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...

Security experts discover critical flaw in OpenAI's Codex able to compromise entire organizations

Researchers managed to steal GitHub OAuth tokens by abusing a command injection vulnerability.
The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.
GIGAZINE

GitHub tokens leaked from prominent open source projects from Google and Microsoft

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS), and ...
TechRadar

Many top-level open source projects found leaking GitHub auth tokens

Many top-level open source projects have been found leaking GitHub auth tokens, putting entire projects at risk of data theft and malicious code tampering. Cybersecurity researchers from Unit 42 ...
Bleeping Computer

GitHub now can auto-block token and API key leaks for all repos

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. Today's announcement comes after the company introduced push ...