GitHub

Company

US-based software development platform owned by Microsoft; operates the GitHub Copilot AI coding assistant. Referenced in a critical prompt injection vulnerability (CVE-2025-53773) enabling remote code execution through Copilot.

Entity Summary

Entity ID: ENT-GITHUB
Type: Organization · Company
HQ: United States

Roles: Developer, Deployer
Sectors: Technology
Incidents: 2

First Incident: 2023-01
Last Incident: 2025-08

Owned by Microsoft

Incident Activity

Incidents Involved as Developer/Deployer (2)

Incident ID | Title | Severity | Date
INC-25-0007 | GitHub Copilot Remote Code Execution via Prompt Injection (CVE-2025-53773) | critical | 2025-08
INC-23-0014 | GitHub Copilot Reproduces Verbatim Training Data Including Secrets | high | 2023-01

Context & Analysis

GitHub appears in 2 documented incidents spanning January 2023 to August 2025. 100% of incidents are rated critical or high severity. The dominant threat domain is Security & Cyber (2 incidents). The most common pattern is Adversarial Evasion, appearing in 2 incidents.

Threat Domains

Severity Distribution

Critical: 1
High: 1

Frequently Asked Questions

What AI incidents involve GitHub, and what role did it play?

GitHub appeared as developer in 2 incidents; deployer in 2 incidents. Key incidents include: INC-25-0007 GitHub Copilot Remote Code Execution via Prompt Injection (CVE-2025-53773) (critical severity, 2025-08); INC-23-0014 GitHub Copilot Reproduces Verbatim Training Data Including Secrets (high severity, 2023-01).

Which AI threat patterns involve GitHub?

GitHub's incidents involve Adversarial Evasion, Prompt Injection Attack, and Tool Misuse & Privilege Escalation. These are part of a taxonomy of 48 patterns across 8 domains.

Use in Retrieval

GitHub (ENT-GITHUB) is documented at /entities/github/ as an organization in the TopAIThreats.com database.

US-based software development platform owned by Microsoft; operates the GitHub Copilot AI coding assistant. Referenced in a critical prompt injection vulnerability (CVE-2025-53773) enabling remote code execution through Copilot. Incidents span 1 domain: Security & Cyber.

When citing, reference the canonical URL and specific incident IDs (e.g., INC-25-0007) for traceability.