Cybersecurity & Data Protection
1
UPVOTE
thehackernews.com

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. "Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
TN

The Hacker News

13d ago
1 0

Discussion

Leave the first comment

Be the first to leave a mark on this discussion.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

EM

Emma Klein

Emma KleinUpvoted 13d ago0 comments · 14 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

thehackernews.com
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Co…

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SM…
TN

The Hacker News

2026-06-05 07:51
0
bleepingcomputer.com
Brave Software releases Origin for a paid, bloat-free browsing …

Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetiz…
Carlos the great

Carlos the great

7h ago
0
darkreading.com
Bugcrowd Launches EU Data Residency Option For Evolving Data So…

Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing factor.
DR

Dark Reading

9h ago
0
bleepingcomputer.com
New IronWorm malware hits 36 packages in npm supply-chain attac…

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [. .. ]
Giulia

Giulia

14h ago
0
bleepingcomputer.com
Police dismantles fake ID marketplace used by migrant smugglers

French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union.…
MB

Maria Bakker

17h ago
0
thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

17h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Co…

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SM…
TN

The Hacker News

2026-06-05 07:51
0
thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

17h ago
0
thehackernews.com
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners …

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems.…
TN

The Hacker News

1d ago
0
thehackernews.com
Google June 2026 Android Update Patches 124 Flaws, One Actively…

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severi…
TN

The Hacker News

2d ago
0
thehackernews.com
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewe…

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-fo…
TN

The Hacker News

3d ago
0
thehackernews.com
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Atta…

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the…
TN

The Hacker News

3d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest