Hacker News | varunsharma07's comments

The StepSecurity threat intelligence team discovered that dev-protocol — a verified GitHub organization with 568 followers belonging to a legitimate Japanese DeFi project — has been hijacked and is now being used to distribute malicious Polymarket trading bots.


An attacker is compromising hundreds of GitHub accounts and injecting identical malware into hundreds of Python repositories. The earliest injections date to March 8, 2026, and the campaign is still active with new repos continuing to be compromised.

The root cause is workflows that grant trust to untrusted inputs: pull_request_target that checks out and executes fork code with repo secrets, ${{ }} expressions that interpolate branch names/filenames into shell commands unsanitized, and issue_comment triggers with no author_association check.

These attacks only work when maintainers opt into dangerous patterns without guardrails.
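The three root-cause patterns named above are mechanical enough to scan for. The following is an added example, not StepSecurity's scanner or any code from the campaign write-up: a stdlib-only, regex-based audit that flags pull_request_target workflows checking out the PR head, attacker-controlled `${{ }}` expressions landing inside `run:` shell, and issue_comment triggers with no author_association gate. The two workflows it checks are constructed for the example, and the `HEAD_REF` env-var indirection in the hardened one is the standard mitigation of moving untrusted input out of the shell line.

```python
"""Heuristic audit for the three GitHub Actions anti-patterns discussed above.
Added example code; stdlib only (no PyYAML), so it works on the raw workflow text."""
import re

# ${{ }} contexts a fork PR, issue or comment author controls. Any of these
# expanded directly inside a shell line is a command-injection primitive.
ATTACKER_CONTROLLED = re.compile(
    r"\$\{\{\s*github\.(?:event\.(?:pull_request|issue|comment|review)\.[\w.]+"
    r"|head_ref)\s*\}\}"
)
# actions/checkout pinned to the PR head under pull_request_target = fork code
# executes with the base repo's secrets.
PR_HEAD_REF = re.compile(
    r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(?:sha|ref)\s*\}\}"
)
RUN_KEY = re.compile(r"^(\s*)-?\s*run:\s*(.*)$")


def run_lines(lines):
    """Yield (line_no, text) for every line that is part of a `run:` shell step,
    handling both inline `run: cmd` and block scalars `run: |`."""
    i = 0
    while i < len(lines):
        m = RUN_KEY.match(lines[i])
        if not m:
            i += 1
            continue
        indent, rest = len(m.group(1)), m.group(2).strip()
        if rest and rest not in ("|", ">", "|-", ">-"):
            yield i + 1, rest          # single-line run
            i += 1
            continue
        i += 1                          # block scalar: deeper-indented lines
        while i < len(lines) and (
            not lines[i].strip() or len(lines[i]) - len(lines[i].lstrip()) > indent
        ):
            if lines[i].strip():
                yield i + 1, lines[i].strip()
            i += 1


def audit_workflow(text):
    """Return a list of human-readable findings for one workflow file."""
    lines = text.splitlines()
    findings = []
    if re.search(r"\bpull_request_target\b", text) and PR_HEAD_REF.search(text):
        findings.append("pull_request_target checks out the PR head: fork code runs with repo secrets")
    for n, cmd in run_lines(lines):
        for m in ATTACKER_CONTROLLED.finditer(cmd):
            findings.append(f"line {n}: attacker-controlled {m.group(0)} interpolated into shell")
    if re.search(r"\bissue_comment\b", text) and "author_association" not in text:
        findings.append("issue_comment trigger with no author_association gate")
    return findings


# Constructed sample: every anti-pattern present.
VULNERABLE = """\
name: pr-check
on:
  pull_request_target:
  issue_comment:
    types: [created]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - name: build
        run: |
          echo "Building ${{ github.head_ref }}"
          pip install -e .
      - name: comment
        run: echo "${{ github.event.comment.body }}" >> log.txt
"""

# Constructed sample: same job, hardened. Untrusted input reaches the shell only
# through an env var (quoted, never re-parsed), and comment-driven runs are gated.
HARDENED = """\
name: pr-check
on:
  pull_request:
  issue_comment:
    types: [created]
jobs:
  build:
    if: github.event_name != 'issue_comment' || contains(fromJSON('["OWNER","MEMBER"]'), github.event.comment.author_association)
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: build
        env:
          HEAD_REF: ${{ github.head_ref }}
        run: |
          echo "Building $HEAD_REF"
          pip install -e .
"""

if __name__ == "__main__":
    for label, wf in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        print(label, audit_workflow(wf) or ["no findings"])
```

Run it on the two samples and the vulnerable file produces four findings while the hardened one produces none. The checks are deliberately coarse: a real scanner should parse the YAML, and the author_association test only confirms the string is present somewhere, not that it actually gates every job the comment can trigger, so treat a clean result as a starting point rather than a pass.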


We analyzed an autonomous bot (hackerbot-claw) that's actively scanning GitHub repos for exploitable Actions workflows. It hit Microsoft, DataDog, a CNCF project, and awesome-go (140k stars) achieving RCE in 4 out of 5 targets and exfiltrating a GITHUB_TOKEN. Full breakdown of the 5 attack techniques with evidence.


I think it says something about the current focus and mindset, that this got 12 upvotes, despite you having posted it three times.

We also care about security for CI and production workloads (actuated/slicervm). I would have liked to have seen more people becoming aware of this, and taking action.

The CLAUDE_CODE_OAUTH_TOKEN exfil is interesting. When our code review bot runs, it thinks it has a valid LLM token, but it's a dummy API key that's replaced through MITM on egress. (Not a product, just something we've found very valuable internally.)

https://blog.alexellis.io/ai-code-review-bot/


cline@2.3.0 was published with a malicious post-install script that silently installs OpenClaw on any machine running npm install.


A case study on detecting npm supply chain attacks through runtime monitoring and baseline anomaly detection


Thanks! I had also posted on HN 9 hours before this submission: https://news.ycombinator.com/item?id=45035115 Would be great if HN admins can update the link for this story


Nx package on npm hijacked to steal cryptocurrency wallets, GitHub/npm tokens, SSH keys, and environment secrets through sophisticated exfiltration attack


How an AWS release rollback triggered the same red flags as a supply chain attack and why treating every semantic version tag change as suspicious is key to protecting your CI/CD pipelines


Popular Python Package num2words v0.5.15 Published Without Repository Tag, Linked to Known Threat Actor

