The Hedonist

Life is too short for boring news

MEGALODON ATTACK POISONS FIVE THOUSAND GITHUB REPOSITORIES

Thursday, 28 May 2026

Karlo Bustan looked at the servers on Monday and saw a predator swimming through the world’s most sensitive code. The Megalodon attack has successfully poisoned 5,561 GitHub repositories with malware designed to steal the keys to the digital kingdom. This follows a similar raid by the TeamPCP crew that compromised 3,800 repos, signaling a new era of supply chain warfare where the digital perimeter is left wide open. According to researchers at SafeDep, the malicious commits are reaching internal servers because nothing is stopping them.

This is 'vibe coding' gone wrong. While entrepreneurs use AI to build apps for shopping routes and home construction, the underlying infrastructure is being hollowed out. The 'Nx Console' extension breach alone exposed thousands of repositories to exfiltration. It is the ultimate administrative failure: the state and major corporations have leased their cybersecurity to agentic AI models that are currently being poisoned by their own automated patches.

As the U.S. government defaults on the payroll of 240,000 DHS employees, the digital guards have also left their posts. The Megalodon campaign proves that the Cognitive Enclosure is as brittle as the physical border. Why bother with a firewall when a malicious commit can infect five thousand targets in a single automated sweep? The establishment is learning the hard way that when you automate the craft, you also automate the catastrophe. The keys aren't just in the ignition—the doors have been taken off the hinges.