glthub_actions, also referred to as the GitHub user glthub-actions, is an unknown threat actor attributed with high confidence to a 2026 supply-chain intrusion affecting the Cline VS Code extension ecosystem. According to the provided reporting, the actor abused a prompt-injection weakness in Cline’s Claude-powered GitHub issue triage workflow by creating GitHub issue cline/cline#8904 with a malicious title that caused attacker-controlled npm installation in CI. The attacker-hosted commit was served from the fork glthub-actions/cline and modified package.json to execute a preinstall script that fetched and ran a shell script from a glthub-actions-controlled GitHub gist. The activity reportedly also used GitHub Actions cache poisoning via the “Cacheract” technique so that a later nightly workflow restored the poisoned cache and exfiltrated secrets, including NPM_TOKEN, VSCE_PAT, and OVSX_PAT, with a Burp Collaborator endpoint cited as exfiltration infrastructure. The stolen NPM_TOKEN was then used to publish the unauthorized npm package cline@2.3.0 on Feb. 17, 2026. That package added a postinstall script to install openclaw@latest; the reporting states the CLI binary itself was unchanged and describes the incident as consistent with a proof-of-concept demonstration rather than a destructive malware campaign. The actor is also linked to testing a separate GitHub Actions injection flaw in New Relic’s test-oac-repository, which the reporting says is consistent with bug-bounty-style vulnerability hunting rather than a broad campaign. Known metadata directly mentioned in the content includes GitHub user ID 256690727 and email sec@w00.sh; the account was later deleted or suspended. The reporting explicitly states this actor is not Adnan Khan.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Sectors the actor has been observed targeting.
5 distinct techniques observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.