Search results for OAuth
AI & Enterprise
OpenAI Codex flaw could steal GitHub auth tokens via command injection
A report said a command injection vulnerability was found in OpenAI’s coding agent Codex, potentially allowing GitHub authentication tokens to be stolen. Phantom Labs, part of BeyondTrust, said the flaw stemmed from how Codex handled branch names when creating a work environment. By manipulating branch parameters during task creation, attackers could inject commands into setup shell commands and run code inside the container, exposing OAuth tokens through task output or external network requests.
AI & Enterprise
Rapid7 says attackers\' speed outpaces defenders, predictive security must shift to preemptive security
Cybersecurity firm Rapid7 said predictive security that detects signals of an attack and responds accordingly is no longer effective, citing the immediate exploitation of vulnerabilities after disclosure. It said attackers weaponise flaws within days, leaving little time for vendors to issue patches and defenders to deploy them. Rapid7 pointed to internet access brokers and infostealers as key drivers and said ransomware-related leak posts rose in 2025. It urged a shift to preemptive security and exposure management.
AI & Enterprise
KT showcases public-sector AI transformation results on global stage at MWC26
KT on Sunday unveiled results from its public and enterprise AI business at MWC26 in Barcelona, promoting its Korean-style AI transformation capabilities. The company won a Supreme Court project to build a trial-support AI platform and has developed and operated an AI-based teaching and learning platform with the Gyeonggi Provincial Office of Education since 2023. It introduced use cases, system architecture and key functions for both projects.
