Tag

#developer secrets

2 articles

Megalodon Malware: GitHub Repo Compromise & Secret Theft

Analysis of the Megalodon malware campaign, which compromised over 5,500 GitHub repositories in six hours to steal developer credentials and sensitive secrets. Learn how

Runtime Rebel Intel

4 min read·May 26, 2026

HIGH

Supply Chain

Malicious node-ipc Versions Compromise Developer Secrets via Supply Chain

Three versions of the node-ipc npm package (9.1.6, 9.2.3, 12.0.1) contain stealer/backdoor functionality targeting developer secrets. Urgent update advised.

Runtime Rebel Intel

4 min read·May 14, 2026