AquaSec analyzed a sample of 1% of GitHub repositories and found that about 37,000 of them are vulnerable to RepoJacking, including the repositories of companies such as Google and Lyft.
Millions of GitHub repositories vulnerable to RepoJacking: Report
