an ai-powered hackerbot named "hackerbot-claw" took over some major projects last week. it hit microsoft,datadog, and a bunch of stuff from cnfc in just 7 days! the bad news? they managed to do remote code execution (rce) on five outta seven targets, snagged an awesome-go token with way more than ⭐140k stars*, fully compromised trivy by aqua security.
the cool part was when it tried something new - a prompt injection against claude-code ! i wonder if that worked or not.
anyone else noticing these ai-on-ai shenanigans? have you seen anything like this in your projects lately?
⬇ did someone say "yes"?
https://www.infoq.com/news/2026/03/ai-bot-github-actions-exploit/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=global