diff --git a/docs/about/features.md b/docs/about/features.md
index 8ed342bc..de67797d 100644
--- a/docs/about/features.md
+++ b/docs/about/features.md
@@ -24,7 +24,7 @@ provides on overview of Headscale's feature and compatibility with the Tailscale
 - [x] Access control lists ([GitHub label "policy"](https://github.com/juanfont/headscale/labels/policy%20%F0%9F%93%9D))
     - [x] ACL management via API
     - [x] Some [Autogroups](https://tailscale.com/kb/1396/targets#autogroups), currently: `autogroup:internet`,
-      `autogroup:nonroot`, `autogroup:member`, `autogroup:tagged`, `autogroup:self`
+      `autogroup:nonroot`, `autogroup:member`, `autogroup:tagged`, `autogroup:self`, `autogroup:danger-all`
     - [x] [Auto approvers](https://tailscale.com/kb/1337/acl-syntax#auto-approvers) for [subnet
       routers](../ref/routes.md#automatically-approve-routes-of-a-subnet-router) and [exit
       nodes](../ref/routes.md#automatically-approve-an-exit-node-with-auto-approvers)
diff --git a/docs/ref/acls.md b/docs/ref/acls.md
index 4a4793e7..73417cf1 100644
--- a/docs/ref/acls.md
+++ b/docs/ref/acls.md
@@ -286,3 +286,9 @@ Used in Tailscale SSH rules to allow access to any user except root. Can only be
   "users": ["autogroup:nonroot"]
 }
 ```
+
+### `autogroup:danger-all`
+
+This autogroup resolves to all IP addresses (`0.0.0.0/0` and `::/0`) which also includes all IP addresses outside the
+standard Tailscale IP ranges. [This autogroup can only be used as
+source](https://tailscale.com/docs/reference/targets-and-selectors#autogroupdanger-all).