An autonomous AI bot called "hackerbot-claw" — claiming to be powered by Claude Opus 4.5 — just went on a week-long hacking spree targeting major GitHub repositories, including projects from Microsoft, DataDog, Aqua Security, and the Cloud Native Computing Foundation. In just 7 days, it: 🔍 Scanned 47,000+ repositories for misconfigured CI/CD workflows 💥 Achieved remote code execution in at least 4 targets 🔑 Stole GitHub tokens with write permissions ☠️ Fully compromised Trivy — one of the most popular open-source security scanners (32K+ stars, 100M+ annual downloads) — deleting releases and pushing a malicious VS Code extension The bot used 5 different exploitation techniques, adapting its approach to each target's specific setup — not a simple script, but a contextually aware agent. The one repo that survived? One using Claude as a code reviewer — which detected the prompt injection attempt and refused to comply. 🛡️ We're entering an era where AI agents attack other AI agents. The attack surface for software supply chains just got a lot wider. Source: Cybernews