Storia in 4 fonti

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository

Una singola issue aperta da una finta GitHub App poteva aggirare i controlli della Claude Code GitHub Action e rubare via prompt injection i token per ottenere accesso in scrittura a qualunque repository. Anthropic ha corretto il problema nella v1.0.94

Raccontata da

Confronto fonti

4 prospettive sulla stessa storia

AI · summaries

hwupgrade.itStai leggendo2 g fa

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository

originale

thehackernews.com3 g fa

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and gain write access to repos.

Leggi questa versione → originale

thenextweb.com3 g fa

Claude Code GitHub Action flaw enabled repository hijacking

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.

Leggi questa versione → originale

dev.to4 g fa

Comment and Control: a GitHub comment hijacks Claude Code in CI

GitHub comments could hijack Claude Code in CI and exfiltrate secrets via prompt injection; Anthropic rated it CVSS 9.4 Critical. The flaw is structural: agents read untrusted input. The fix is firewall tool calls with Clampd to block recon and exfiltration.

Leggi questa versione → originale

Timeline cronologica

mercoledì 3 giugno 2026·dev.to
Comment and Control: a GitHub comment hijacks Claude Code in CI
A security researcher showed that a GitHub PR title, issue body, or comment could become a prompt...
giovedì 4 giugno 2026·thenextweb.com
Claude Code GitHub Action flaw enabled repository hijacking
A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.
giovedì 4 giugno 2026·thehackernews.com
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and gain write access to repos.
venerdì 5 giugno 2026·dev.to
One Malicious GitHub Issue Was All It Took to Hijack a Claude Code Agent
A researcher disclosed a vulnerability in the Claude Code GitHub Action that let an attacker submit a...
venerdì 5 giugno 2026·hwupgrade.it
Claude Code, una sola issue su GitHub poteva dirottare qualunque repository
Una singola issue aperta da una finta GitHub App poteva aggirare i controlli della Claude Code GitHub Action e rubare via prompt injection i token per ottenere accesso in…

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Claude Code GitHub Action flaw enabled repository hijacking

Comment and Control: a GitHub comment hijacks Claude Code in CI

Timeline cronologica

Comment and Control: a GitHub comment hijacks Claude Code in CI

Claude Code GitHub Action flaw enabled repository hijacking

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

One Malicious GitHub Issue Was All It Took to Hijack a Claude Code Agent

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Claude Code GitHub Action flaw enabled repository hijacking

Comment and Control: a GitHub comment hijacks Claude Code in CI

Timeline cronologica

Comment and Control: a GitHub comment hijacks Claude Code in CI

Claude Code GitHub Action flaw enabled repository hijacking

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

One Malicious GitHub Issue Was All It Took to Hijack a Claude Code Agent

Claude Code, una sola issue su GitHub poteva dirottare qualunque repository