Ep. 12 – Megalodon Malware Campaign Infects Thousands of GitHub Repos

Port 443 · Episode 12 · May 27, 2026 · 22:10

Megalodon Malware Campaign Infects Thousands of GitHub Repos

The Megalodon campaign hit 5,561 GitHub repositories in six hours, weaponizing CI/CD pipelines with direct poisoned pipeline execution and stolen Infostealer credentials.

Show notes

Overview: Port 443 dives into the Megalodon campaign that hit 5,561 GitHub repositories in six hours, the Laravel Lang supply chain attack, and pragmatic hardening steps for CI/CD pipelines.
Tags: cybersecurity, malware, supply-chain, GitHub, CI/CD

Links and references

cybersecurity
malware
supply-chain
GitHub
CI/CD

Episode Outline

Timestamped topic guide generated from the episode audio for quick scanning.

Loading transcript... [00:00] The Megalodon campaign hit 5,561 GitHub repositories in six hours, weaponizing CI/CD pipelines with direct poisoned pipeline execution and stolen Infostealer credentials.