session Replay

State of Cybercrime: Megalodon Poisons GitHub

Watch as Matt and David break down the “Megalodon” attack, which exposed the supply chain as the weakest link—poisoning over 5,500 GitHub repos in six hours and quietly harvesting cloud credentials, tokens, and sensitive code from trusted environments. They also examine the PAN-OS GlobalProtect bypass and an AI-driven worm that dynamically selects its exploits.

" allowtransparency="true" frameborder="0" scrolling="no" name="video_embed" allowfullscreen mozallowfullscreen webkitallowfullscreen oallowfullscreen msallowfullscreen>

This episode's segments include...

  • Is there any good news?
  • AI Vey — because we can't not talk about AI 
  • The latest Vulnerable Vulnerabilities 
  •  The highway to the Danger Zone 
  •  Live Q&A 

Safari Tour Guides:

MattRadolec

Matt Radolec

VP of Incident Response, Cloud Operations & SE, Varonis

david-gibson

John Hammond

Senior VP of Strategic Programs, Varonis

In this session, you'll learn:

  • The challenges with legacy DLP solutions
  • The threat actor’s advantage and common attack strategies for exfiltrating sensitive data
  • Actionable tips to improve your data security posture
  • Best practices to prevent data loss in the cloud and on-prem
  • Outcomes you can expect from adopting a next-gen DLP strategy
March 26 2025 - DFF - presenters