Critical RCEs and credential leaks: Microsoft SharePoint, CISA AWS exposure, MuddyWater espionage

This intelligence briefing reports several high-risk incidents: Microsoft patched a critical SharePoint RCE (CVE-2026-45659); a CISA contractor exposed AWS GovCloud credentials on GitHub; MuddyWater conducted a DLL side-loading espionage campaign across nine countries; the 'Megalodon' malware campaign pushed malicious commits to over 5,500 GitHub repositories to steal developer credentials; and a KnowledgeDeliver zero-day was exploited to install Godzilla web shells—immediate patching, credential rotation, and targeted threat-hunting are recommended.