Megalodon — Campaign Analysis & Threat Activity

Threat entity extracted from intelligence sources

Frequency
9
occurrences
First Seen
May 22, 2026
Last Seen
May 30, 2026

Megalodon is a threat campaign tracked across 3 threat clusters and 9 intelligence report mentions on ThreatCluster. First observed May 22, 2026; most recent activity May 30, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • CISA urges security teams to check for software development compromises — Ground.News · May 30, 2026
  • Trusted Dev Tools Abused to Steal Code and Secrets — Gbhackers · May 29, 2026
  • Megalodon Mass Github Repo Backdooring Ci Workflows — safedep.io · May 26, 2026
  • Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos — Darkreading · May 26, 2026
  • GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos — Csoonline · May 26, 2026
  • Megalodon Mass Github Repo Backdooring Ci Workflows — safedep.io · May 22, 2026
  • Megalodon chums the waters in 5.5K+ GitHub repo poisonings — Theregister · May 22, 2026
  • GitHub repos hijacked in massive Megalodon attack — Cybernews · May 22, 2026

CVSS v3.1 Breakdown