Megalodon Campaign Infects Over 5,500 GitHub Repositories with Malware
Severity: High (Score: 71.0)
Sources: safedep.io, Csoonline, Darkreading
Keywords: github, megalodon, thousands, malicious, commits, campaign, repositories
Severity indicators: backdoor
Summary
On May 18, 2026, an automated cyber campaign named Megalodon pushed 5,718 malicious commits to 5,561 GitHub repositories within six hours. The attackers used forged identities and dummy accounts to inject malicious GitHub Actions workflows that exfiltrate CI/CD secrets, cloud credentials, and other sensitive data to a command-and-control server. Two payload variants were deployed: one that adds a new workflow triggered by every push and pull request, and another that replaces existing workflows with dormant backdoors. The npm package @tiledesk/tiledesk-server was notably affected, with compromised versions published between May 19 and May 21. The attack highlights vulnerabilities in the software supply chain, with many repositories still infected weeks later. Researchers believe the attackers leveraged valid credentials obtained from previous supply chain breaches. As of now, the malicious commits remain active on the master branches of affected repositories.

Key Points:
- Megalodon campaign pushed 5,718 malicious commits to 5,561 GitHub repositories in six hours.
- Attackers used forged identities to inject malicious workflows that steal sensitive data.
- The npm package @tiledesk/tiledesk-server was among the most affected, with backdoored versions published.
Detailed Analysis
**Impact**

Over 5,500 public GitHub repositories were compromised in a six-hour automated campaign on May 18, 2026, with 5,718 malicious commits injected. Affected projects include open source platforms such as Tiledesk (across nine repositories), Wiznet’s ioLibrary_Driver, persian-tools, and others spanning various sectors reliant on software development and CI/CD pipelines. The attack exposed critical data including CI secrets, cloud credentials (AWS, GCP), SSH keys, OIDC tokens, and source code secrets, potentially enabling further supply chain attacks and unauthorized cloud access.

**Technical Details**

The attacker used compromised Personal Access Tokens (PATs) or deploy keys to push commits directly to master branches without pull requests, forging author identities such as "build-bot" and "auto-ci." Two payload variants were deployed: "SysDiag," which added new workflows triggered on every push or pull request, and "Optimize-Build," which replaced existing workflows with dormant backdoors activated through the GitHub API using `workflow_dispatch`. Malicious payloads were base64-encoded bash scripts exfiltrating secrets to a C2 server at 216.126.225.129:8443. Indicators of compromise include specific commit hashes (e.g., acac5a9), author emails ([email protected], [email protected]), and workflow file names (`.github/workflows/docker-community-worker-push-latest.yml`).

**Recommended Response**

Immediately audit GitHub repositories for unexpected workflow files, especially those containing base64-encoded scripts or unusual `workflow_dispatch` triggers. Revoke and rotate all compromised PATs, deploy keys, and exposed cloud credentials. Monitor cloud audit logs for anomalous OIDC token requests and unauthorized workflow runs. Apply strict access controls on CI/CD pipelines and implement detection rules based on known IOCs such as author names, commit messages, and C2 IP addresses.
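The audit the response section calls for can be started with a repository-side scan of workflow files and commit metadata. The script below is an added example written for this summary, not SafeDep's tooling or code from any of the cited articles. It takes the indicators the report states (the C2 address, the forged author names, the known workflow path, the two trigger shapes) and flags workflow files that execute a base64-decoded blob, distinguishing the SysDiag pattern (fires on push/pull_request) from the Optimize-Build pattern (dormant until `workflow_dispatch`). The function names, the text-based trigger heuristic (it is not a YAML parser), and the three sample workflows are my own constructions; the long `Q` run stands in for an encoded script and decodes to nothing meaningful.

```python
from __future__ import annotations

import re
from pathlib import Path

# Indicators quoted from the report above.
C2_ADDRESSES = {"216.126.225.129"}
FORGED_AUTHOR_NAMES = {"build-bot", "auto-ci"}
KNOWN_WORKFLOW_PATHS = {".github/workflows/docker-community-worker-push-latest.yml"}

# Heuristics for an encoded payload being executed from a `run:` step.
BASE64_TO_SHELL = re.compile(r"base64\s+(?:-d|--decode)\b[^\n|]*\|\s*(?:ba)?sh\b")
LONG_BASE64_BLOB = re.compile(r"[A-Za-z0-9+/]{80,}={0,2}")
TOP_LEVEL_KEY = re.compile(r"^[A-Za-z_][\w-]*:", re.M)


def workflow_triggers(text: str) -> set[str]:
    """Trigger names under the top-level `on:` key (text heuristic, not YAML).
    Handles `on: push`, `on: [push, pull_request]` and the indented block form."""
    head = re.search(r"^on:(.*)$", text, re.M)
    if not head:
        return set()
    inline = head.group(1).strip()
    if inline:
        return set(re.findall(r"[A-Za-z_]+", inline))
    rest = text[head.end():]
    nxt = TOP_LEVEL_KEY.search(rest)
    block = rest[: nxt.start()] if nxt else rest
    lines = [ln for ln in block.splitlines() if ln.strip()]
    if not lines:
        return set()
    indent = len(lines[0]) - len(lines[0].lstrip())
    # Only keys at the block's own indentation are triggers; deeper keys are options.
    return {ln.strip()[:-1] for ln in lines
            if len(ln) - len(ln.lstrip()) == indent and ln.strip().endswith(":")}


def scan_workflow(path: str, text: str) -> list[str]:
    """Findings for one workflow file; an empty list means nothing matched."""
    findings: list[str] = []
    if path in KNOWN_WORKFLOW_PATHS:
        findings.append(f"path matches reported IoC: {path}")
    for addr in C2_ADDRESSES:
        if addr in text:
            findings.append(f"references reported C2 address {addr}")
    decoded_exec = bool(BASE64_TO_SHELL.search(text))
    has_blob = bool(LONG_BASE64_BLOB.search(text))
    if decoded_exec:
        findings.append("base64-decoded payload piped into a shell")
    elif has_blob:
        findings.append("long base64 blob embedded in workflow")
    if decoded_exec or has_blob:
        triggers = workflow_triggers(text)
        if triggers & {"push", "pull_request"}:
            findings.append("SysDiag-style: encoded payload runs on every push/pull_request")
        if "workflow_dispatch" in triggers:
            findings.append("Optimize-Build-style: encoded payload armed via workflow_dispatch")
    return findings


def scan_commit(author_name: str, touches_workflow: bool, via_pull_request: bool) -> list[str]:
    """Commit-metadata checks: forged bot identities and direct pushes to workflows."""
    findings: list[str] = []
    if author_name in FORGED_AUTHOR_NAMES:
        findings.append(f"author name is a reported forged identity: {author_name}")
    if touches_workflow and not via_pull_request:
        findings.append("workflow file changed by a direct push (no pull request)")
    return findings


def scan_tree(repo_root: str) -> dict[str, list[str]]:
    """Scan every file under <repo_root>/.github/workflows and return only the hits."""
    root = Path(repo_root)
    hits: dict[str, list[str]] = {}
    for wf in sorted((root / ".github" / "workflows").glob("*.y*ml")):
        rel = wf.relative_to(root).as_posix()
        found = scan_workflow(rel, wf.read_text(encoding="utf-8", errors="replace"))
        if found:
            hits[rel] = found
    return hits


# Constructed samples for demonstration; the blob is filler, not a real payload.
PLACEHOLDER_BLOB = "Q" * 96
BENIGN_CI = """name: CI
on:
  push:
    branches: [main]
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm test
"""
SYSDIAG_LIKE = """name: SysDiag
on: [push, pull_request]
jobs:
  diag:
    runs-on: ubuntu-latest
    steps:
      - run: echo "{blob}" | base64 -d | bash
""".format(blob=PLACEHOLDER_BLOB)
DORMANT_LIKE = """name: Optimize-Build
on:
  workflow_dispatch:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: echo "{blob}" | base64 --decode | sh
""".format(blob=PLACEHOLDER_BLOB)

if __name__ == "__main__":
    for name, text in (("ci.yml", BENIGN_CI), ("sysdiag.yml", SYSDIAG_LIKE), ("optimize-build.yml", DORMANT_LIKE)):
        print(name, scan_workflow(f".github/workflows/{name}", text) or "clean")
    print(scan_commit("build-bot", touches_workflow=True, via_pull_request=False))
```

Run `scan_tree(".")` from a checkout to cover a real repository; `scan_commit` is meant to be fed from `git log` output (author name, whether the commit touched `.github/workflows/`, and whether it arrived through a merged pull request), since the report's distinguishing traits at commit level are the forged "build-bot"/"auto-ci" identities and direct pushes to master. The heuristics are deliberately conservative: a benign workflow that merely mentions `workflow_dispatch` is not flagged unless it also carries an encoded payload.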
Source articles (3)
- GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos — Csoonline · 2026-05-26
  A large-scale automated GitHub backdooring campaign was caught pushing thousands of malicious commits into public repositories while posing as routine CI/CD upkeep. Researchers at SafeDep observed the…
- Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos — Darkreading · 2026-05-26
  In just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more. Thousands of GitHub repositorie…
- Megalodon Mass Github Repo Backdooring Ci Workflows — safedep.io · 2026-05-26
  On May 18, 2026, an automated campaign codenamed megalodon pushed 5,718 malicious commits to 5,561 GitHub repositories in a six-hour window. Using throwaway accounts and forged author identities (bui…
Timeline
- 2026-05-18 — Megalodon campaign launched: 5,718 malicious commits were pushed to 5,561 GitHub repositories in a six-hour window, targeting CI/CD workflows.
- 2026-05-19 — Compromised npm package versions published: Versions 2.18.6 through 2.18.12 of @tiledesk/tiledesk-server were published with backdoors.
- 2026-05-21 — SafeDep flags Megalodon campaign: SafeDep published a blog post detailing the Megalodon campaign and its impact on GitHub repositories.
- 2026-05-26 — Current status of infections: Approximately 2,900 repositories remain infected, indicating a significant ongoing threat.
Related entities
- Data Breach (Attack Type)
- Malware (Attack Type)
- Supply Chain Attack (Attack Type)
- Megalodon (Campaign)
- TeamPCP (Apt Group)
- Black-Iron-Project (Company)
- Persian-tools (Company)
- Tiledesk (Company)
- WISE-Community (Company)
- Wiznet (Company)
- Atlassian (Company)
- AWS (Company)
- Microsoft Azure (Company)
- GitHub (Platform)
- Docker Hub (Platform)
- Gitlab (Platform)
- Heroku (Platform)
- Kubernetes (Platform)
- Slack (Platform)
- Terraform (Platform)
- CWE-200 - Exposure of Sensitive Information (Cwe)
- print-access-token.it (Domain)
- tiledesk.com (Domain)
- 216.126.225.129 (Ipv4)
- Shai-hulud (Malware)
- T1041 - Exfiltration Over C2 Channel (Mitre Attack)
- T1059.004 - Unix Shell (Mitre Attack)
- T1059 - Command and Scripting Interpreter (Mitre Attack)
- T1071 - Application Layer Protocol (Mitre Attack)
- T1078 - Valid Accounts (Mitre Attack)
- Cloudflare Worker (Tool)
- Docker (Tool)
- GitHub Actions (Tool)
- GitHub CLI (Tool)
- Npm (Tool)
- base64 (Tool)
- Curl (Tool)
- GitHub API (Tool)
- Vect (Ransomware Group)