Over 5,500 GitHub Repositories Infected in Megalodon Supply Chain Attack

📌 Over 5,500 GitHub repositories were infected in a supply chain attack dubbed "Megalodon," where fake automated commits injected malicious GitHub Actions workflows. These workflows contained payloads designed to steal credentials, CI secrets, keys, and tokens. The attack targeted GitHub’s ecosystem, leveraging compromised repositories to propagate malicious code. No specific dates, CVE IDs, or attribution details were provided in the report. The primary impact involved unauthorized access to sensitive authentication data stored in affected repositories.