Lasso Uncovers Sensitive Private GitHub Repositories from Fortune 500 Companies found Exposed in Microsoft Copilot via Bing Cache
IBM, Google, PayPal and Microsoft itself are among the companies impacted
LLM engines emerge as a new attack vector for data exposure
Tel Aviv, February 26, 2025: Lasso, a leader in GenAI security solutions, today announces the discovery of a critical exposure affecting thousands of private GitHub repositories that were revealed due to Microsoft Copilot and Bing's caching mechanism. The vulnerability has exposed entire confidential archives containing intellectual property, sensitive corporate data, access keys and tokens from major enterprises such as IBM, Google, Tencent and PayPal, as well as Microsoft itself.
Lasso initially discovered the issue when its own private GitHub repository content appeared in Microsoft Copilot and was found indexed and cached by Bing. Upon further investigation, the research team at Lasso identified thousands of additional private repositories that had been similarly exposed. Some of these contained highly sensitive credentials which, in certain cases, allowed unauthorized access to enterprise environments.
During the research, Lasso detected:
- Over 20,000 extracted GitHub repositories
- More than 100 internal Python and Node.js packages vulnerable to dependency confusion
- Over 300 exposed private tokens, keys, and secrets linked to GitHub, Hugging Face, GCP, OpenAI, and other platforms.
- This exposure has affected over 16,000 organizations.
Following the research, Lasso notified Microsoft of this issue in November 2024, and in January 2025 Microsoft changed its security policy and restricted public access to Bing's cache. In addition, Lasso has contacted all parties impacted by this vulnerability.
"Modern organizations must now operate under the assumption that any data leaving their network, even if public only momentarily, can be ingested by LLM engines and search engines, making it permanently accessible," said Ophir Dror, CPO & Co-Founder at Lasso. "Some of this data may not be visible through traditional web searches, yet Copilot and other GenAI tools using indexed data may still retain and expose it."
Lasso's Security Researcher Bar Lanyado adds, "This creates a new attack vector where a single prompt could unintentionally leak sensitive corporate information. Companies must recognize that it is more critical than ever to protect and sanitize outgoing data streams, controlling every bit of data that exits your perimeter."
Leading the development of GenAI security solutions, Lasso protects businesses that are integrating LLMs into their operations and enhances organizations' security posture by autonomously testing LLM apps, monitoring all GenAI interactions, detecting risks in real time, and enabling advanced guardrails. With Lasso solutions, organizations can continuously test and protect GenAI models, apps, agents and chatbot usage while maintaining compliance and security.
About Lasso
Lasso is a GenAI security platform that enhances security posture by autonomously monitoring all GenAI interactions, detecting risks in real time, and enabling organizations to effortlessly safeguard their GenAI activities. Lasso is on a mission to empower organizations to confidently adopt GenAI without compromising on security or performance. For more information visit www.lasso.security.