GitHub hit with another major attack — Megalodon hits over 5,000 repos with malware-laden commits
GitHub has experienced a significant attack known as Megalodon, which has infected over 5,500 repositories with malware. The attack utilizes malicious commits from a fake bot to steal sensitive information from developers' CI/CD pipelines. This poses risks not only to maintainers but also to end-users if compromised repositories are published to npm.
- ▪Megalodon is a copycat campaign inspired by TeamPCP, targeting GitHub repositories.
- ▪The attack spreads through malicious commits that steal cloud keys, SSH credentials, and DevOps configurations.
- ▪Compromised versions of npm packages were published from infected repositories, affecting end-users.
Opening excerpt (first ~120 words) tap to expand
Pro Security GitHub hit with another major attack — Megalodon hits over 5,000 repos with malware-laden commits News By Sead Fadilpašić published 25 May 2026 A TeamPCP copycat was just spotted When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty Images) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter SafeDep researchers uncovered Megalodon, a TeamPCP‑inspired campaign infecting over 5,500 GitHub repositories with an infostealer targeting CI/CD secretsThe worm‑like attack spreads via malicious commits from a fake “build‑bot,” stealing cloud keys, SSH credentials, and…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
