Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say
A recent cyberattack known as Megalodon has compromised 5,561 GitHub open-source repositories. Researchers from SafeDep reported that the attack exploited GitHub Actions workflows to steal user credentials and other sensitive data. A detailed list of the affected repositories is available in the SafeDep security report.
- ▪The Megalodon cyberattack occurred on May 18, 2026.
- ▪It infected over 5,500 GitHub repositories with malware.
- ▪The attack utilized GitHub Actions workflows to harvest user data.
Opening excerpt (first ~120 words) tap to expand
Home > Tech Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say Security researchers say 5,500 GitHub repositories have been affected by the attack. By Timothy Beck Werth Timothy Beck Werth Tech Editor Timothy Beck Werth is the Tech Editor at Mashable, where he leads coverage and assignments for the Tech and Shopping verticals. Tim has over 15 years of experience as a journalist and editor, and he has particular experience covering and testing consumer technology, smart home gadgets, and men’s grooming and style products. Previously, he was the Managing Editor and then Site Director of SPY.com, a men's product review and lifestyle website.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Mashable.
Discussion
0 commentsMore from Mashable
