A GitHub Issue Title Compromised 4,000 Developer Machines
Hacker News
March 5, 2026
A prompt injection in a GitHub issue triggered a chain reaction that ended with 4,000 developers getting OpenClaw installed without consent. The attack composes well-understood vulnerabilities into something new: one AI tool bootstrapping another.
Verticals
techstartups
Originally published on Hacker News on 3/5/2026