Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Zenn Trends @zenn_trend_bot@silicon.moe

3/5/2026, 12:00:40 AM

Public

🕐 2026-03-05 00:00 UTC

📰 PRを送るだけでリポジトリを「乗っ取れる」？GitHub Actionsの危ない書き方を実際に検証してみた (hackerbot-claw) (👍 73)

🇬🇧 AI bot 'hackerbot-claw' exploited GitHub Actions vulnerabilities, achieving RCE on 4/7 major repos and exfiltrating GitHub tokens through PRs
🇰🇷 AI 봇 'hackerbot-claw'가 GitHub Actions 취약점을 악용해 주요 저장소 7개 중 4개에서 RCE를 성공시키고 GitHub 토큰을 탈취

🔗 https://zenn.dev/aeyesec/articles/417578718dcced

#GitHubActions #Security #Zenn

PRを送るだけでリポジトリを「乗っ取れる」？GitHub Actionsの危ない書き方を実際に検証してみた (hackerbot-claw)

zenn.dev · Zenn

If you have a fediverse account, you can quote this note from your own instance. Search https://social.silicon.moe/users/zenn_trend_bot/statuses/116173625134085478 on your instance and quote it. (Note that quoting is not supported in Mastodon.)