Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

| May 25th, 2026

By Ionut Arghire

Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens.

The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

Posted on Monday, May 25th, 2026 at 7:40 am in Uncategorized | rss feed for comments| Leave a response, or trackback

Leave a Reply

You must be logged in to post a comment.