More than 5,500 GitHub repositories were infected with malware in a supply chain attack, dubbed Megalodon, on May 18 that relies on automated commits (Ionut Arghire/SecurityWeek)
·
0 reactions
·
0 comments
·
15 views
Ionut Arghire / SecurityWeek : More than 5,500 GitHub repositories were infected with malware in a supply chain attack, dubbed Megalodon, on May 18 that relies on automated commits — Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens.
Original article
Techmeme
Anonymous · no account needed
Discussion
0 commentsMore from Techmeme
How LinkedIn is transforming into a "post-cringe" social network as it courts high-profile influencers, who are building audiences on corporate-friendly topics (Isabella Kwai/New York Times)
Techmeme·10
Report: in May, supply of unsecured bonds from hyperscalers passed $155B, up over 45% from 2025's total issuance; some AI-infra bond sales are 4x oversubscribed (Caleb Mutua/Bloomberg)
Techmeme·12
White House AI advisor Sriram Krishnan says he will leave his role at the end of June; sources: Krishnan plans to start a pro-Trump AI policy institution (Leo Schwartz/The Information)
Techmeme·15
Raspberry Pi closed up 27%+ on June 5 after saying it expects adjusted EBITDA of at least $38M in H1, putting it on track to beat $42M est. for the full year (Financial Times)
Techmeme·13
Kalshi and Polymarket sponsored X posts promoting viral LA mayoral election fraud conspiracy theories; Kalshi says it asked its paid influencers to remove posts (Max Tani/Semafor)
Techmeme·15
Paris-listed Teleperformance, the world's largest customer service company, has become one of Europe's most shorted stocks, as hedge funds bet on AI disruption (Ramsay Hodgson/Financial Times)
Techmeme·15