Claude Code’s GitHub Actions Vulnerability Lets Attackers Compromise Any Repository

📅 2 June 2026 at 11:13 UTC📰 Cyber Security NewsView original source ↗

A critical supply chain vulnerability in Claude Code’s GitHub Actions that could allow attackers to compromise any repository using Anthropic’s official CI/CD workflow, including Anthropic’s own infrastructure. The vulnerability, discovered by security researcher RyotaK of GMO Flatt Security and patched in Claude Code GitHub Actions v1.0.94, stems from a flawed permission model in the checkWritePermissions […] The post Claude Code’s GitHub Actions Vulnerability Lets Attackers Compromise Any Repository appeared first on Cyber Security News.

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed