Skip to content

Let's Data ScienceLEARN • BUILD • STAY AHEAD

News
Blog
Code Problems
Pricing
Contact

© 2026 Let's Data Science

Advertise|Terms|Privacy||Image Rights

NewsGhostClaw Exploits GitHub And AI Workflows

Analysisinfostealermacosgithubai agents

GhostClaw Exploits GitHub And AI Workflows

|March 26, 2026

9.2

Relevance Score

GhostClaw Exploits GitHub And AI Workflows — Photo: gbhackers.com · rights & takedowns

Jamf Threat Labs and JFrog researchers this month detailed GhostClaw, a multi-stage macOS infostealer that now uses GitHub repositories and AI-assisted agent workflows to harvest credentials and deploy secondary payloads. They identified at least eight malicious repositories that build trust with benign code and then introduce install scripts or SKILL.md manifests enabling automated or copy-paste infection. Defenders should treat copied installs and AI-suggested shell steps as untrusted.

Scoring Rationale

High impact due to novel AI-agent delivery and credible vendor research; scope limited mainly to macOS developer workflows.

MoreAI Agents news→

Newsletter·Weekly · Free

Weekly AI News

A 5-minute Monday brief on AI & data science. Curated, no fluff.

Email address

No spam. Privacy.

Practice interview problems based on real data

1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems

More AI & Data Science News

Google triples Gemini usage limits for Antigravity twice

Google triples Gemini usage limits for Antigravity twice

IDF establishes Alumot AI battlefield unit

IDF establishes Alumot AI battlefield unit

AI reshapes Korea's fashion retail and manufacturing

AI reshapes Korea's fashion retail and manufacturing

Tacit Knowledge Limits AI Coding Assistants

Tacit Knowledge Limits AI Coding Assistants

Back to News Feed

News on Let's Data Science is compiled from multiple public sources with editorial oversight. See our Editorial Standards and Corrections Policy.