Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far(www.stepsecurity.io)
11 pointsby varunsharma075 hours ago2 comments
  • varunsharma075 hours ago
    We analyzed an autonomous bot (hackerbot-claw) that's actively scanning GitHub repos for exploitable Actions workflows. It hit Microsoft, DataDog, a CNCF project, and awesome-go (140k stars) achieving RCE in 4 out of 5 targets and exfiltrating a GITHUB_TOKEN. Full breakdown of the 5 attack techniques with evidence.
  • aperi5 hours ago
    safe to say the root cause is bad PRs (untrusted)?
    • varunsharma075 hours ago
      The root cause is workflows that grant trust to untrusted inputs: pull_request_target that checks out and executes fork code with repo secrets, ${{ }} expressions that interpolate branch names/filenames into shell commands unsanitized, and issue_comment triggers with no author_association check.

      These attacks only work when maintainers opt into dangerous patterns without guardrails.