Home
Our Services
Free resources
- Privacy Research
  Free to use data privacy research
  Key Capabilities
  Latest privacy news tracking
  Product versions
  Latest privacy news tracking
  Track the latest news, breaches and fines
  Key features
  Tracks the latest breaches and fines
  View by industry
  View by breach method
  View by privacy topic
  Links to original articles
  Free to use
  
  Learn more »
  Latest Threat Intelligence
  Product versions
  Latest Threat Intelligence
  Track the Common Vulnerability Exposures (CVEs)
  Key features
  Tracks the latest vulnerabilities
  View by company
  View by breach method
  Links to NVD
  Free to use
  
  Learn more »
  Breach modelling and ROI calculator
  Product versions
  Breach modelling and ROI calculator
  Model what a breach would look like for you in your industry and use this to calculate your return on investment
  Key features
  Model your breach
  Assess the severity
  Compare by industry
  Breakdown costs
  Export to your business plan
  Free to use
  
  Learn more »
Privacy news
Company
- About Us
- FAQ
- Contact Us

Megalodon GitHub Attack Targets 5561 Repos with Malicious CICD Workflows

Name: Proteus-Cyber Ltd
Address: 20-22 Wenlock Road, London, London, N1 7GU, United Kingdom
Telephone: 0208 123 7708
Price range: Competitive

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5718 malicious commits to 5561 GitHub repositories within a sixhour window Using throwaway accounts and forged author identities buildbot autoci cibot pipelinebot the attacker injected GitHub Actions workflows containing base64encoded bash payloads that exfiltrate CI

Read the original article 22 May 2026

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Megalodon GitHub Attack Targets 5561 Repos with Malicious CICD Workflows