Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

📅 25 May 2026 at 07:40 UTC📰 Security WeekView original source ↗

Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens. The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack appeared first on SecurityWeek.

Read the full article

This is a curated summary. The complete article is available at Security Week.

Read on Security Week ↗

← Back to feed