Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far
varunsharma07
12 points
3 comments
March 01, 2026
Related Discussions
Found 5 related stories in 1077.6ms across 14,015 title embeddings via pgvector HNSW
- GitHub Actions is the weakest link dochtman · 226 pts · April 28, 2026 · 62% similar
- A GitHub Issue Title Compromised 4k Developer Machines edf13 · 368 pts · March 05, 2026 · 62% similar
- What happened after 2k people tried to hack my AI assistant cuchoi · 64 pts · June 26, 2026 · 60% similar
- Megalodon: Mass GitHub Repo Backdooring via CI Workflows Sudhanshu2310 · 14 pts · May 21, 2026 · 60% similar
- GitHub just suspended GitHub-actions[bot] jaakkonen · 17 pts · May 26, 2026 · 59% similar
Discussion Highlights (2 comments)
varunsharma07
We analyzed an autonomous bot (hackerbot-claw) that's actively scanning GitHub repos for exploitable Actions workflows. It hit Microsoft, DataDog, a CNCF project, and awesome-go (140k stars) achieving RCE in 4 out of 5 targets and exfiltrating a GITHUB_TOKEN. Full breakdown of the 5 attack techniques with evidence.
aperi
safe to say the root cause is bad PRs (untrusted)?