
Megalodon chums the waters in 5.5K+ GitHub repo poisonings

ID: 3db88d3c-e5f8-5515-944e-87041cd90e16

STIX ID: report--3db88d3c-e5f8-5515-944e-87041cd90e16

Feed Name: The Register (Security)

Threat Score: 85/100

Date Published: 2026-05-22

Date Updated: 2026-05-22


A widespread supply-chain campaign called “Megalodon” injected malicious commits into over 5,500 GitHub repositories. If merged, the commits execute inside CI/CD pipelines and deploy credential-stealing malware. The malicious code harvests cloud provider credentials (AWS, GCP, Azure), SSH keys, Docker/Kubernetes configurations, and Vault and Terraform secrets, and exfiltrates GitHub/Bitbucket tokens, enabling attacker impersonation and further spread. Researchers traced the commits to authors with automation-style names (build-bot, ci-bot) and published a list of compromised repositories.
