Poisoning Claude Code: One GitHub Issue to Break the Supply Chain

flatt.tech

Poisoning Claude Code: One GitHub Issue to Break the Supply Chain

flatt.tech

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 4 hours ago

Introduction Hello, I’m RyotaK ( @ryotkak ), a security researcher at GMO Flatt Security Inc. After publishing my previous article ( Pwning Claude Code in 8 Different Ways ), I continued investigating Claude-related products and found several more vulnerabilities. In this article, I will explain a vulnerability in Claude Code’s GitHub Actions that could allow an attacker to compromise any repository that uses the Claude Code workflow, including Anthropic’s own repositories.1 Note: Variants of the misconfiguration issues described in this article were actively exploited in the wild before this article was published.

In this article, I will explain a vulnerability in Claude Code’s GitHub Actions that could allow an attacker to compromise any repository that uses the Claude Code workflow, including Anthropic’s own repositories.

You must log in or register to comment.

Chat

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

45 users / day
206 users / week
507 users / month
930 users / 6 months
1 local subscriber
2.41K subscribers
846 Posts
186 Comments
Modlog

mods:
krogoth@infosec.pub