Megalodon Supply Chain Attack Compromises 5,500+ GitHub Repositories Through Malicious CI/CD Workflows

May 26, 2026

A large-scale automated campaign dubbed Megalodon compromised more than 5,500 GitHub repositories within a six-hour period by injecting malicious GitHub Actions workflows into targeted projects. The campaign leveraged fake automated commits and CI/CD backdoors designed to steal cloud credentials, API tokens, SSH keys, and deployment secrets from affected environments.

Background on Megalodon Operations

Megalodon is a supply chain attack campaign focused on abusing GitHub Actions workflows and CI/CD automation pipelines. Instead of directly modifying application source code, attackers inserted malicious GitHub workflow files containing Base64-encoded Bash payloads that automatically executed inside CI/CD runners during repository operations.

Researchers observed 5,718 malicious commits pushed across 5,561 repositories between 11:36 a.m. and 5:48 p.m. UTC on May 18, 2026. The attackers additionally relied on throwaway GitHub accounts with random eight-character usernames to evade detection.

Timeline and Scope

Campaign Date: May 18, 2026

Repositories Compromised: 5,561

Malicious Commits Observed: 5,718

Attack Duration: Approximately 6 hours

Primary Target: GitHub repositories and CI/CD environments

Attack Type: Supply chain compromise via malicious GitHub Actions workflows

Associated Threat Activity: TeamPCP

Infection Method

The attackers injected malicious GitHub Actions workflow files into targeted repositories using automated commits disguised as legitimate CI/CD maintenance updates.

Researchers identified two primary payload variants:

  • One payload added new GitHub Actions workflows triggered during every push and pull request operation.
  • Another replaced existing workflows with dormant backdoors activated later through manual workflow dispatch events.

The malicious payloads were heavily obfuscated using Base64-encoded Bash scripts embedded within workflow files. Once executed inside CI/CD runners, the malware harvested secrets and transmitted them to attacker-controlled infrastructure.

One publicly identified affected project was Tiledesk, whose compromised GitHub repositories led to multiple malicious npm package versions being published from the poisoned source code.

Indicators of Compromise (IOCs)

Malicious Infrastructure

  • 216.126.225[.]129:8443 — Command-and-control server used for exfiltration of CI/CD secrets and credentials.

Suspicious Commit Authors

  • build-bot
  • auto-ci
  • ci-bot
  • pipeline-bot
  • build-system@noreply[.]dev
  • ci-bot@automated[.]dev

Host-Based Indicators

  • Unauthorized modifications to .github/workflows/
  • Presence of Base64-encoded Bash payloads inside GitHub Actions workflow files
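As an added example (not part of this advisory and not tooling from the researchers it cites), the following Python triages a commit log against the suspicious commit-author indicators above and the observed campaign window, which is the commit review step recommended under Mitigation. It assumes records in the shape that `git log --format='%H|%an|%ae|%aI' --name-only` prints (a header line followed by the changed paths); the sample log, its hashes, and every name other than the listed IOCs are constructed for the example.

```python
import re
from datetime import datetime, timezone
from typing import Dict, List

# Author names and e-mails taken from the advisory's IOC list.
SUSPICIOUS_NAMES = {"build-bot", "auto-ci", "ci-bot", "pipeline-bot"}
SUSPICIOUS_EMAILS = {"build-system@noreply.dev", "ci-bot@automated.dev"}
# Observed campaign window from the advisory: 11:36 to 17:48 UTC on May 18, 2026.
WINDOW_START = datetime(2026, 5, 18, 11, 36, tzinfo=timezone.utc)
WINDOW_END = datetime(2026, 5, 18, 17, 48, tzinfo=timezone.utc)
# Throwaway accounts were described as random eight-character usernames (weak signal on its own).
RANDOM_USER_RE = re.compile(r"^[a-z0-9]{8}$")
# Header line of one record: <sha40>|<author name>|<author email>|<ISO-8601 date>
HEADER_RE = re.compile(r"^([0-9a-f]{40})\|([^|]*)\|([^|]*)\|(\S+)$")
WORKFLOW_DIR = ".github/workflows/"


def parse_git_log(text: str) -> List[Dict]:
    """Parse header lines plus the changed paths that follow each one (blank lines ignored)."""
    commits: List[Dict] = []
    for line in text.splitlines():
        line = line.rstrip()
        m = HEADER_RE.match(line)
        if m:
            commits.append({"commit": m.group(1), "name": m.group(2), "email": m.group(3),
                            "when": datetime.fromisoformat(m.group(4)), "paths": []})
        elif line and commits:
            commits[-1]["paths"].append(line)
    return commits


def triage_commits(text: str) -> List[Dict]:
    """Return commits worth a manual look, with the reasons they were selected."""
    findings = []
    for c in parse_git_log(text):
        reasons = []
        if c["name"] in SUSPICIOUS_NAMES:
            reasons.append("ioc_author_name")
        if c["email"].lower() in SUSPICIOUS_EMAILS:
            reasons.append("ioc_author_email")
        if RANDOM_USER_RE.match(c["name"]):
            reasons.append("random_8char_username")
        if WINDOW_START <= c["when"] <= WINDOW_END:
            reasons.append("inside_campaign_window")
        touched = [p for p in c["paths"] if p.startswith(WORKFLOW_DIR)]
        if touched:
            reasons.append("modifies_workflows")
        # An IOC author is flagged outright; otherwise require a workflow change plus
        # either the campaign window or the throwaway-account naming pattern.
        ioc_hit = "ioc_author_name" in reasons or "ioc_author_email" in reasons
        corroborated = touched and ("inside_campaign_window" in reasons
                                    or "random_8char_username" in reasons)
        if ioc_hit or corroborated:
            findings.append({"commit": c["commit"], "author": f'{c["name"]} <{c["email"]}>',
                             "reasons": reasons, "workflow_paths": touched})
    return findings


# Constructed sample log (hashes, the two non-IOC authors and paths are invented).
SAMPLE_GIT_LOG = f"""{'a' * 40}|build-bot|build-system@noreply.dev|2026-05-18T12:05:11+00:00

.github/workflows/ci.yml

{'b' * 40}|Jane Developer|jane@example.com|2026-05-18T13:10:00+00:00

src/app.py
README.md

{'c' * 40}|k3j9x2qa|k3j9x2qa@users.noreply.github.com|2026-05-18T15:22:40+00:00

.github/workflows/release.yml
package.json

{'d' * 40}|Jane Developer|jane@example.com|2026-05-19T09:00:00+00:00

.github/workflows/ci.yml
"""

if __name__ == "__main__":
    for f in triage_commits(SAMPLE_GIT_LOG):
        print(f["commit"][:12], f["author"], f["reasons"], f["workflow_paths"])
```

The last sample commit touches a workflow file but comes from a known maintainer outside the window, so it is left for normal review rather than flagged; the eight-character rule is deliberately only a corroborating signal because ordinary usernames can match it.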

MITRE ATT&CK Mapping

TA0001 – Initial Access: Supply Chain Compromise

TA0002 – Execution: Command and Scripting Interpreter / Unix Shell

TA0003 – Persistence: Event-Triggered Execution / Workflow Backdoors

TA0006 – Credential Access: Unsecured Credentials / Credentials from Password Stores

TA0010 – Exfiltration: Exfiltration Over C2 Channel

TA0011 – Command and Control: Application Layer Protocol

Mitigation

  • Audit all repositories for unauthorized changes to .github/workflows/.
  • Review commits made on or around May 18, 2026, especially those from unknown automation-style accounts.
  • Rotate GitHub, GitLab, AWS, Azure, GCP, Kubernetes, and Vault credentials immediately.
  • Restrict GitHub Actions permissions using least privilege principles.
  • Disable automatic execution of untrusted workflows where possible.
  • Monitor CI/CD runners for suspicious outbound network traffic.
  • Implement workflow approval gates and SHA pinning for GitHub Actions.
  • Continuously inspect Base64-encoded scripts embedded inside workflow files.
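The following Python is an added example, not code from the advisory or from any tool it mentions, that applies several of the checks above to a workflow file's text: it flags `uses:` references not pinned to a full commit SHA, a missing top-level `permissions:` block, Base64 blobs that decode to shell text, a `base64 -d | bash`-style step, and the combination of `workflow_dispatch` with an encoded payload that the Infection Method section describes as the dormant variant. It parses with regular expressions rather than a YAML library so it runs without dependencies; the check names, the keyword hints, the placeholder SHA, and both sample workflows (including the harmless encoded script) are constructed for the example.

```python
import base64
import re
from typing import Dict, List

# Regexes and check names are assumptions for this example, not the advisory's tooling.
BLOB_RE = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")      # long base64-looking runs
HEX40_RE = re.compile(r"^[0-9a-f]{40}$")                # a commit SHA, not a payload
DECODE_EXEC_RE = re.compile(r"base64\s+(?:-d|--decode)\b.*\|\s*(?:bash|sh)\b")
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([A-Za-z0-9_.\-/]+)@(\S+)", re.M)
PERMISSIONS_RE = re.compile(r"^permissions\s*:", re.M)
# Fragments in decoded text that justify a manual look (credential/env access, network tools).
HINT_RE = re.compile(r"\b(printenv|env|curl|wget|GITHUB_TOKEN|AWS_[A-Z_]+|id_rsa)\b")


def decode_candidate(blob: str):
    """Return the decoded text if blob is valid base64 for printable ASCII, else None."""
    try:
        text = base64.b64decode(blob, validate=True).decode("ascii")
    except (ValueError, UnicodeDecodeError):
        return None
    if not text or not all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return None
    return text


def scan_workflow(text: str) -> List[Dict[str, str]]:
    """Flag the traits the advisory describes in a GitHub Actions workflow file."""
    findings: List[Dict[str, str]] = []
    for action, ref in USES_RE.findall(text):
        if not HEX40_RE.match(ref):               # tag or branch ref, not an immutable pin
            findings.append({"check": "unpinned_action", "detail": f"{action}@{ref}"})
    if not PERMISSIONS_RE.search(text):           # no least-privilege token scope declared
        findings.append({"check": "missing_permissions",
                         "detail": "no top-level permissions block"})
    decode_exec = DECODE_EXEC_RE.search(text)
    if decode_exec:
        findings.append({"check": "base64_decode_exec", "detail": decode_exec.group(0)})
    encoded_hit = False
    for blob in BLOB_RE.findall(text):
        if HEX40_RE.match(blob):                  # skip SHA pins that look like blobs
            continue
        decoded = decode_candidate(blob)
        if decoded is None:
            continue
        encoded_hit = True
        hints = sorted(set(HINT_RE.findall(decoded)))
        findings.append({"check": "encoded_script",
                         "detail": f"decodes to shell text; hints={hints}"})
    # The dormant variant: payload present but only fired by a manual dispatch event.
    if re.search(r"\bworkflow_dispatch\b", text) and (decode_exec or encoded_hit):
        findings.append({"check": "dispatch_triggered_payload",
                         "detail": "manual trigger combined with encoded payload"})
    return findings


# Constructed, harmless stand-in for the encoded Bash the advisory describes.
_SAMPLE_PAYLOAD = base64.b64encode(b'echo "constructed sample"; printenv\n').decode()

MALICIOUS_WORKFLOW = f"""\
name: CI Maintenance
on:
  push:
  pull_request:
  workflow_dispatch:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Cache warmup
        env:
          PAYLOAD: {_SAMPLE_PAYLOAD}
        run: echo "$PAYLOAD" | base64 -d | bash
"""

CLEAN_WORKFLOW = """\
name: CI
on:
  push:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # placeholder SHA pin
      - run: npm test
"""

if __name__ == "__main__":
    for label, wf in (("malicious", MALICIOUS_WORKFLOW), ("clean", CLEAN_WORKFLOW)):
        print(label, scan_workflow(wf))
```

Run it over every file under `.github/workflows/` in each repository; a clean file yields an empty list, while the sample with the encoded step produces one finding per trait. Treat `encoded_script` as a prompt to read the decoded text, since legitimate workflows occasionally embed encoded certificates or configuration.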

Instantly Fix Risks with Saner Patch Management

Saner patch management is continuous, automated, and integrated patching software that instantly fixes risks exploited in the wild. The software supports major operating systems like Windows, Linux, and macOS, as well as 550+ third-party applications.

It also allows you to set up a safe testing area to test patches before deploying them in a primary production environment. Saner patch management additionally supports a patch rollback feature in case of patch failure or a system malfunction.

Experience the fastest and most accurate patching software here.