[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHML7EiWZOJqGYliqU5jNOSMRgvoP4q2Llk-v2TnX_xU":3},{"article":4,"iocs":47},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":27,"category":28,"article_tags":31},"97e4af32-6e53-4bd8-a35f-5c8e0fb9118c","Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos","feeding-frenzy-megalodon-malware-infects-thousands-of-github-repos-7e2522","In just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more.","A coordinated malware campaign dubbed 'Megalodon' compromised over 5,500 GitHub repositories in just six hours, injecting malicious commits designed to steal developer credentials, API keys, and other secrets. The attack exploited compromised accounts or access tokens to push code across a wide range of projects, representing a significant supply-chain threat to the software development ecosystem.","Megalodon malware campaign infects 5,500+ GitHub repos in six hours, stealing credentials and secrets.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fapplication-security\u002Fmegalodon-malware-infects-thousands-github-repos","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fbltc325e59502521a65\u002F6a15e639ac735951357db6b9\u002Fmegalodon_FlixPix_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-05-26T19:47:14+00:00","2026-05-26T22:00:15.208114+00:00",9,[18,21,24],{"name":19,"type":20},"Megalodon","campaign",{"name":22,"type":23},"GitHub","product",{"name":25,"type":26},"Git","technology","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":27,"icon":11,"name":29,"slug":30},"Malware","malware",[32,37,42],{"category":33},{"id":34,"icon":11,"name":35,"slug":36},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":38},{"id":39,"icon":11,"name":40,"slug":41},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":43},{"id":44,"icon":11,"name":45,"slug":46},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[48],{"type":30,"value":19,"context":49},"GitHub repository injection campaign targeting developer credentials and secrets"]