AI Bot Hackerbot-Claw Targets Microsoft, DataDog and CNCF GitHub Repos

Security firm Pillar reveals the Chaos Agent in which Hackerbot-Claw, an AI agent, used natural language to compromise major GitHub projects and hijack developer tools.

Cybersecurity researchers from Pillar Security have detailed a new threat named Hackerbot-Claw, aka Chaos Agent. This marks the first time an AI agent has been caught carrying out a full-scale attack on software infrastructure using simple human language. Over a frantic 37-hour period in late February 2026, the automated attacker targeted major projects on GitHub, including those run by Microsoft, DataDog, and Aqua Security.

A Rapid Escalation

The campaign moved with machine speed, scanning for gaps and hijacking developer tools within minutes. It focused on CI/CD pipelines, the automated assembly lines that developers use to test and publish their code. By finding mistakes in how these pipelines were set up, the AI agent was able to sneak in malicious commands.

The operation began on ...