SECURITYTHE REGISTER
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
A malware campaign called Megalodon poisoned over 5,500 GitHub repositories with CI/CD credential-stealing malware, stealing AWS keys, Google Cloud tokens, and other sensitive credentials. The attack, discovered by SafeDep researchers, was distributed through a compromised Tiledesk package on npm, marking an escalation in supply chain attacks targeting developers.
Mentioned
Related Signal
Adjacent reporting
- GitHub links repo breach to TanStack npm supply-chain attack
- New Shai-Hulud malware wave compromises 600 npm packages
- North Korean hackers implicated in major supply chain attack
- Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
- SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
- Cache-poisoning caper turns TanStack npm packages toxic