{"id":60720,"date":"2026-05-22T18:57:14","date_gmt":"2026-05-22T18:57:14","guid":{"rendered":"https:\/\/www.theregister.com\/a\/5245342"},"modified":"2026-05-22T18:57:14","modified_gmt":"2026-05-22T18:57:14","slug":"megalodon-chums-the-waters-in-5-5k-github-repo-poisonings","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/","title":{"rendered":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings"},"content":{"rendered":"
<\/div>\n
\n

Security<\/p>\n

Will Jason Statham save us?<\/p>\n<\/p><\/div>\n

\n

A malware-spreading scumbag swimming through GitHub pushed malicious commits to more than 5,500 repositories on Monday as part of an automated campaign called Megalodon.<\/p>\n

Similar to the earlier TeamPCP attacks<\/a> that poisoned about 3,800 GitHub repositories, this new campaign has so far infected 5,561 repos with CI\/CD credential-stealing malware, according to SafeDep researchers, who uncovered the predatory commits and published a full list of the compromised repositories<\/a>.<\/p>\n

If a repository owner merges the commit, the malware executes inside their CI\/CD pipeline and propagates further, Ox Security lead researcher Moshe Siman Tov Bustan said<\/a> in a Thursday blog post.<\/p>\n

Megalodon steals AWS secret keys and Google Cloud access tokens. It also queries AWS, Google Cloud Platform, and Azure metadata for instance role credentials, reads SSH private keys, Docker and Kubernetes configurations, Vault tokens, Terraform credentials, and scans source code for more than 30 secret regex patterns. Then it exfiltrates GitHub tokens, including secrets used to authenticate with cloud providers, thus allowing attackers to impersonate developers\u2019 cloud identities, along with Bitbucket tokens.<\/p>\n

In other words: consider ALL of your CI\/CD variables pwned.<\/p>\n

“We\u2019ve entered a new supply chain attack era, and TeamPCP compromising GitHub was only the beginning,\u201d Bustan told The Register<\/span>. \u201cWhat\u2019s coming next is an endless wave, a tsunami of cyber attacks on developers worldwide.\u201d<\/p>\n

Plus, he added, hacking GitHub \u201ccompromises the security of every company with a private repository hosted on the platform.\u201d<\/p>\n

\n
\n

Malicious code is still reaching their servers, and nothing is stopping it before it does <\/h3>\n<\/p><\/div>\n<\/div>\n

This new wave of supply chain attacks hitting developers\u2019 environments won\u2019t stop until \u201ccompanies like npm and GitHub take serious action against the spread of malicious code on their servers,\u201d Bustan said.<\/p>\n

He noted npm\u2019s statement on X saying it \u201cinvalidated npm granular access tokens with write access that bypass 2FA\u201d to prevent additional supply-chain attacks like Mini Shai Hulud<\/a>.<\/p>\n

\u201cThat could help a little with account hijacking, but it doesn\u2019t solve the actual problem,\u201d Bustan said. \u201cMalicious code is still reaching their servers, and nothing is stopping it before it does.\u201d<\/p>\n

npm \u2026 but not TeamPCP<\/h3>\n

SafeDep spotted Megalodon hidden inside a legitimate package: Tiledesk<\/a>, an open source live chat and chatbot platform. The attacker backdoored versions 2.18.6 (May 19) through 2.18.12 (May 21), and the same npm maintainer published the last clean version, 2.18.5, before unknowingly publishing these newer compromised versions. <\/p>\n

\u201cThe attacker never touched the npm account,\u201d the open source supply-chain security startup researchers said<\/a>. \u201cThey compromised the GitHub repository<\/a>, and the maintainer published from the poisoned source without realizing it.\u201d<\/p>\n

While publishing malicious packages on npm<\/a> is a TeamPCP signature move<\/a>, Bustan said there\u2019s no threat-intel or code-analysis evidence that connects Megalodon to the crew behind the Trivy<\/a>, Checkmarx<\/a>, and other recent supply-chain attacks<\/a>. \u201cOur best guess now is that it’s a different threat actor copying their behavior and style, but not much of the code itself,\u201d he told us.<\/p>\n

And despite TeamPCP open sourcing<\/a> its Shai-Hulud worm and announcing a supply-chain attack competition on BreachForums, Ox doesn\u2019t believe Megalodon is a contest entry.<\/p>\n

\u201cWe have indications that they are not participating in the TeamPCP contest due to the contest having a specific rule to add a public encryption key that the actor behind the malware could match with his private key to prove his involvement,\u201d Bustan said.<\/p>\n

Who is built-bot?<\/h3>\n

SafeDep\u2019s threat hunters traced the malicious commit (acac5a9<\/a>) to an author \u201cbuild-bot,\u201d connected to the email address build-system[@]noreply.dev with the message \u201cci: add build optimization step.\u201d<\/p>\n

\n
\n

MORE CONTEXT<\/h2>\n<\/p><\/div>\n<\/div>\n

The author name and noreply email mimic automated CI commits, and there\u2019s no GitHub account linked to the author and committer user fields. \u201cSomeone pushed the commit to master with no PR and no merge commit, using a compromised PAT or deploy key,\u201d according to the researchers. <\/p>\n

They searched GitHub for other commits authored by the same email address and found 2,878 results, plus a second email, ci-bot@automated.dev, with an additional 2,841 commits. All landed May 18 during a six-hour window (11:36 to 17:48 UTC) and targeted 5,561 repositories.<\/p>\n

This includes nine compromised Tiledesk repositories: tiledesk-server, tiledesk-dashboard, tiledesk-telegram-connector, tiledesk-llm, tiledesk-docker-proxy, tiledesk-community-app, tiledesk-campaign-dashboard, tiledesk-helpcenter-template, and tiledesk-ai. Others include Black-Iron-Project with eight compromised repos, WISE-Community, and hundreds of smaller repositories. \u00ae<\/p>\n<\/p><\/div>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Will Jason Statham save us? READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":60721,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[307],"class_list":["post-60720","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register","tag-security"],"yoast_head":"\nMegalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Megalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-22T18:57:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/image.theregister.com\/227881.jpg?imageId=227881&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Megalodon chums the waters in 5.5K+ GitHub repo poisonings\",\"datePublished\":\"2026-05-22T18:57:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/\"},\"wordCount\":723,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg\",\"keywords\":[\"Security\"],\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/\",\"name\":\"Megalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg\",\"datePublished\":\"2026-05-22T18:57:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg\",\"width\":100,\"height\":75},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Megalodon chums the waters in 5.5K+ GitHub repo poisonings\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/","og_locale":"en_US","og_type":"article","og_title":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-05-22T18:57:14+00:00","og_image":[{"url":"https:\/\/image.theregister.com\/227881.jpg?imageId=227881&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings","datePublished":"2026-05-22T18:57:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/"},"wordCount":723,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg","keywords":["Security"],"articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/","url":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/","name":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg","datePublished":"2026-05-22T18:57:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings.jpg","width":100,"height":75},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/megalodon-chums-the-waters-in-5-5k-github-repo-poisonings\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/security\/"},{"@type":"ListItem","position":3,"name":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60720"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60720\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/60721"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}