[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:clean-github-repo-tricks-ai-coding-agents-into-running-malware-mqyc7t3n":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":15,"article_ids":16,"ioc_summary":18,"source_urls":19,"status":21,"expires_at":22,"created_at":23,"updated_at":24,"articles":25},"c7e599a1-002a-4269-9da6-bf4e3f811770","Clean GitHub repo tricks AI coding agents into running malware","clean-github-repo-tricks-ai-coding-agents-into-running-malware-mqyc7t3n","Attackers are poisoning GitHub repositories with malware that executes when AI coding agents (Claude Code, etc.) process the repo and follow its setup instructions. This technique bypasses traditional security scanners and human review, creating a direct path to remote code execution (RCE) on developer machines and CI\u002FCD pipelines. Any team using AI agents for code review, dependency management, or automation is at immediate risk.","critical","advisory",[],[13,14],"Claude Code","Mozilla","Immediately audit your CI\u002FCD pipelines and development environments for AI agent integrations. Disable or sandbox the code-execution features of AI agents until guardrails are in place. Hunt for suspicious process execution (such as reverse shells or outbound connections) tied to recent GitHub clones or AI agent activity.",[17],"02df979d-6647-458a-bd5f-2bc00b41997a",null,[20],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fclean-github-repo-tricks-ai-coding-agents-into-running-malware\u002F","archived","2026-06-30T22:05:13.183+00:00","2026-06-28T22:05:20.814458+00:00","2026-06-30T22:05:37.727409+00:00",[26],{"id":17,"title":6,"url":20}]