
Megalodon: 5,561 GitHub repos hit with malicious CI/CD workflows
5,718 malicious commits pushed to 5,561 GitHub repos in six hours to steal CI/CD pipeline secrets.
What happened
Megalodon executed an automated supply chain attack (compromising developer tooling rather than the final product) against the GitHub ecosystem at an unprecedented scale. In six hours, 5,718 malicious commits landed across 5,561 repositories.
Attack vector: GitHub Actions (GitHub's built-in CI/CD — Continuous Integration/Continuous Deployment automation that builds, tests, and deploys code). Attackers injected malicious workflows into `.github/workflows/` carrying bash payloads *base64-encoded* (obfuscated to bypass detection rules hunting for obvious strings). The goal: *exfiltrate* CI environment secrets — `GITHUB_TOKEN`, cloud credentials, API keys, package registry tokens.
To sign commits, they used throwaway accounts with forged identities: `build-bot`, `auto-ci`, `ci-bot`, `pipeline-bot`. The names were engineered to blend into repos that already run legitimate automation.
Why it matters
GitHub Actions secrets are the most valuable targets in the development pipeline: write-scoped `GITHUB_TOKEN`, AWS/GCP/Azure credentials, SSH keys, npm/PyPI tokens. A compromised workflow *silently exfiltrates* them on every pipeline run — no visible alerts to the team.
The 5,561-repo, 6-hour window confirms full automation. The attacker most likely ran a bot that scanned for repos with existing CI workflows and pushed commits wherever permissions allowed, typically repos with branch protection disabled or loose collaborator settings.
This pattern is not new, but Megalodon industrializes it. If your CI secrets reach an attacker, the blast radius extends far beyond the repo: cloud infrastructure access, ability to publish malicious packages under your identity, lateral movement to other systems.
What to do
- Audit `.github/workflows/` across all your repos: look for unrecognized files or recent modifications you did not initiate
- Filter commit history for suspicious authors: `build-bot`, `auto-ci`, `ci-bot`, `pipeline-bot`
- Rotate all CI secrets immediately if you find unauthorized commits: `GITHUB_TOKEN`, cloud credentials, API keys, registry tokens
- Enable branch protection with mandatory PR review to block unauthorized direct commits to main branches
- Add `CODEOWNERS` pointing to `.github/workflows/` to require explicit approval on any workflow changes
- Check your org's audit log: `Settings → Security → Audit log`, filtering for `workflow` events in the campaign's timeframe
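As an added example (not code from the article or from BBLabs), a small Python audit helper that combines the first two checks above: it parses `git log --format='%h|%an|%s' --name-only` output for commits by the listed bot names or touching `.github/workflows/`, and scans a workflow file for the `echo <base64> | base64 -d | bash` pattern, decoding the blob so a reviewer can see what it would have run. The log lines, workflow and payload are constructed samples, not campaign data.

```python
import base64
import re
# Bot account names the article reports the campaign used for its throwaway identities.
SUSPICIOUS_AUTHORS = {"build-bot", "auto-ci", "ci-bot", "pipeline-bot"}

# A `run:` step that echoes an inline base64 blob, decodes it and pipes it straight into a shell.
DECODE_AND_RUN = re.compile(
    r"echo\s+['\"]?([A-Za-z0-9+/]{20,}={0,2})['\"]?\s*\|\s*base64\s+(?:-d|--decode)\s*\|\s*(?:ba)?sh\b")

def parse_git_log(text):
    """Parse `git log --format='%h|%an|%s' --name-only` output into commit dicts."""
    commits, current = [], None
    for line in text.splitlines():
        if re.match(r"^[0-9a-f]{7,40}\|", line):
            sha, author, subject = line.split("|", 2)
            current = {"sha": sha, "author": author, "subject": subject, "files": []}
            commits.append(current)
        elif line.strip() and current is not None:
            current["files"].append(line.strip())
    return commits

def flag_commits(commits):
    """Attach a reason to every commit that trips either of the article's history checks."""
    flagged = []
    for c in commits:
        reasons = []
        if c["author"] in SUSPICIOUS_AUTHORS:
            reasons.append("known campaign bot name")
        if any(f.startswith(".github/workflows/") for f in c["files"]):
            reasons.append("modifies a workflow file")
        if reasons:
            flagged.append({**c, "reasons": reasons})
    return flagged

def scan_workflow(yaml_text):
    """Return line number and decoded preview of each base64-to-shell step in a workflow."""
    findings = []
    for m in DECODE_AND_RUN.finditer(yaml_text):
        try:
            decoded = base64.b64decode(m.group(1), validate=True).decode("utf-8", "replace")
        except ValueError:
            decoded = "<not valid base64>"
        findings.append({"line": yaml_text.count("\n", 0, m.start()) + 1, "decoded": decoded})
    return findings
# Constructed sample input (hypothetical, not data from the campaign).
SAMPLE_LOG = ("a1b2c3d|alice|Fix flaky unit test\ntests/test_api.py\n"
              "b4c5d6e|build-bot|chore: update CI pipeline\n.github/workflows/ci.yml\n"
              "c7d8e9f|ci-bot|Bump README\nREADME.md\n")
SAMPLE_PAYLOAD = 'echo "constructed benign placeholder"'
SAMPLE_WORKFLOW = ("name: CI\non: [push]\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n"
                   f"      - run: echo {base64.b64encode(SAMPLE_PAYLOAD.encode()).decode()} | base64 -d | bash\n")
```

Run it over the real output of `git log --format='%h|%an|%s' --name-only -- .github/workflows` and over each file in that directory; any finding is a reason to rotate the secrets listed above before investigating further.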
This campaign confirms CI/CD pipelines are the new primary attack surface. Cloud credentials stored as GitHub secrets are worth more than a shell on prod — and they're reachable by anyone who can push to your repo.

