Back to advisories

Clean GitHub repo tricks AI coding agents into running malware

Attackers are poisoning GitHub repositories with malware that executes when AI coding agents (Claude Code, etc.) process the repo and follow setup instructions. This bypasses traditional security scanners and human review, creating a direct path to RCE on developer machines and CI/CD pipelines. Any team using AI agents for code review, dependency management, or automation is at immediate risk.

CRITICALAdvisoryJun 28, 2026
Action required
Immediately audit your CI/CD pipelines and development environments for AI agent integrations. Disable or sandbox AI code execution features until you can implement guardrails. Hunt for suspicious process execution (reverse shells, outbound connections) tied to recent GitHub clones or AI agent activity.
Affected products
Claude CodeMozilla