I am uncovering what seems to be a massive widespread malware attack on @github.

- Currently over 35k repositories are infected
- So far found in projects including: crypto, golang, python, js, bash, docker, k8s
- It is added to npm scripts, docker images and install docs pic.twitter.com/rq3CBDw3r9

— Stephen Lacy (@stephenlacy) August 3, 2022