Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far
varunsharma07
12 points
3 comments
March 01, 2026
Discussion Highlights (2 comments)
varunsharma07
We analyzed an autonomous bot (hackerbot-claw) that's actively scanning GitHub repos for exploitable Actions workflows. It hit Microsoft, DataDog, a CNCF project, and awesome-go (140k stars), achieving RCE in 4 out of 5 targets and exfiltrating a GITHUB_TOKEN. Full breakdown of the 5 attack techniques with evidence.
aperi
Safe to say the root cause is bad PRs (untrusted)?