SecurityWeek

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.
Dark Reading

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

In just six hours, the campaign quietly pushed malware to more than 5,500 GitHub repositories, stealing credentials, ...

This AI-coded malware apparently leaked its own GitHub private token

Whoopsie.
Cryptopolitan on MSN

Binance founder warns developers to rotate API keys after GitHub internal repository exposure

Binance CZ urges developers to rotate API keys following the exposure of a GitHub internal repository.