credential theft
7 posts
Megalodon hijacked 55,000 GitHub repos via token replay
Megalodon compromised 55,000+ GitHub repositories through PAT harvesting, pull_request_target abuse, and OAuth scope inheritance. Technical breakdown.
Shai-Hulud worm compromises 314 npm packages
Shai-Hulud npm worm hits 314 more packages via compromised maintainer accounts. Mechanism, telemetry gaps, and residual exposure analyzed.
One chat message empties the credential vault
CVE-2026-44843 produces credential theft on chat message receipt. No user action required. Operator analysis of the failure mode and exposure pattern.
Chat message steals your credentials
CVE-2026-44843 reduces credential theft to message receipt. The failure is identity boundary enforcement, not chat parsing. Operator breakdown.
CVE-2026-44843 turns one message into credential theft
CVE-2026-44843 collapses the boundary between chat message receipt and credential disclosure. What failed, what is not confirmed, and what must change.
One message, credentials gone
CVE-2026-44843 enables credential theft on inbound chat message receipt. Operator breakdown of the failure boundary and required posture changes.
Your inbox is now your credential store.
CVE-2026-44843 turns a chat message into credential theft. Operator briefing on what failed, what is not confirmed, and what must now be true.