Megalodon chums the waters in 5.5K+ GitHub repo poisonings
A new malware campaign named Megalodon has compromised over 5,500 GitHub repositories by pushing malicious commits. This attack, which follows previous incidents like TeamPCP, targets CI/CD pipelines to steal sensitive credentials from cloud services. Experts warn that the ongoing wave of supply chain attacks poses significant risks to developers and companies using GitHub.
- Megalodon has infected 5,561 GitHub repositories with credential-stealing malware.
- The malware can exfiltrate AWS secret keys, Google Cloud access tokens, and other sensitive information.
- Experts believe that the current wave of supply chain attacks will continue until major platforms take action against malicious code.
Opening excerpt (first ~120 words)
Will Jason Statham save us?
Jessica Lyons, published Fri 22 May 2026 // 19:57 UTC
A malware-spreading scumbag swimming through GitHub pushed malicious commits to more than 5,500 repositories on Monday as part of an automated campaign called Megalodon. Similar to the earlier TeamPCP attacks that poisoned about 3,800 GitHub repositories, this new campaign has so far infected 5,561 repos with CI/CD…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Register.