BBLabs News

One story a day. Zero noise.

Technical cybersecurity newsletter. One story a day on critical CVEs, breaches, bug bounty and AI. Filtered by AI, written for humans.

Product

  • Archive
  • Editions
  • Topics
  • Glossary
  • RSS
  • Atom
  • JSON Feed

Editorial

  • About
  • Subscribe
  • Account
  • English

Legal

  • Privacy
  • Terms
  • Contact: team@bblabs.es

Connect

  • YouTube · @0xGorka
  • Instagram · @bblabs.es
  • Discord BBLabs
  • Discord Bug Bounty ES
19 articles · 5 editions · Since 2026 · Made in Spain
© 2026 BBLabs News · By Gorka El Bochi
Megalodon: 5,500 GitHub repos backdoored via Actions workflows
Over 5,500 GitHub repositories backdoored with malicious Actions workflows silently exfiltrating CI/CD secrets, keys, and credentials.

by Gorka El Bochi Morillo · 2 min read · May 28, 2026

What happened

Over 5,500 GitHub repositories have been compromised in a campaign that security researchers have named Megalodon. It is a supply chain attack: one that reaches its targets through their own developer tooling and dependencies rather than attacking them head-on.

Attack vector: *fake automated commits*. Attackers injected commits that looked like routine bot updates — the kind of noise no one reviews — but actually modified or added workflow files under `.github/workflows/`. When those workflows executed inside the CI/CD pipeline, they silently exfiltrated credentials, access tokens, SSH keys, repository secrets, and sensitive environment variables to attacker-controlled infrastructure.

The Megalodon label is a researcher designation, not a CVE. No vulnerability identifier has been assigned because this isn't a product bug — it's abuse of legitimate platform functionality.

Why it matters

CI/CD pipelines are among the most privileged points in the software delivery chain. A GitHub Actions workflow receives an automatically issued `GITHUB_TOKEN`, can read any repository, environment or organization secret it references, and runs arbitrary commands on every push or scheduled trigger, with no human in the loop.

5,500 repositories is an unusual scale. This isn't a targeted attack on a single organization; it's a volume campaign, which means the attackers already hold a large pool of exfiltrated secrets, some of them from organizations running production workloads.

The "legitimate automated commit" pattern is particularly dangerous because it blends in with normal Dependabot, Renovate, or CI bot noise. Security teams that don't read the diff of every workflow change won't catch it.

The real damage chain: CI secrets → container registry access (Docker Hub, ECR, GCR) → cloud credentials (AWS, GCP, Azure) → production access. A single stolen token can escalate to full infrastructure compromise.

What to do

  • Audit every file under `.github/workflows/` now; any change in the last 90 days that you cannot trace to a known contributor or a bot you configured is suspicious.
  • Remove or revert any malicious workflow before rotating anything: a backdoored workflow that is still in place will exfiltrate the new secrets on its next run.
  • Then rotate all repository, environment and organization secrets via GitHub Settings → Secrets, together with the cloud credentials stored in them (AWS keys, GCP service accounts, Azure service principals).
  • Review workflow history with `git log -p --all -- .github/workflows/` and cross-check authors against known contributors. Author names and emails in git metadata are free-form and trivially forged, so also check whether each commit carries a verified signature and whether your real bot is configured to sign.
  • Enable GitHub secret scanning and push protection if not already active.
  • Declare a `permissions:` block in every workflow granting only the scopes each job needs, and set the repository and organization default for `GITHUB_TOKEN` to read-only; never rely on a blanket `write` default.
  • In organizations, require approval before workflows run on pull requests from forks.
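The following bash script, added here as an example and not code from BBLabs or GitHub, carries out the audit steps above on a local checkout: it lists every commit that touched `.github/workflows/` in the last N days with its signature status, greps each workflow for lines that dump or ship the `secrets` context off-host, and flags workflows that never set a top-level `permissions:` block. The regexes are my assumptions about what an exfiltration step tends to look like, not indicators published for Megalodon, and the workflow contents used to exercise it are constructed.

```shell
#!/usr/bin/env bash
# Audit .github/workflows/ for signs of a backdoored workflow.
# Added example, not BBLabs' or GitHub's tooling. The regexes below are
# assumptions about what a secret-exfiltrating step tends to look like,
# not published Megalodon indicators; treat hits as leads, not verdicts.

# Heuristics, one per alternative:
#  1. dumping the whole secrets context (toJSON(secrets))
#  2. dynamic secret access (secrets[...]), which hides the secret name
#  3. a secret expression piped into a network or encoding tool
#  4. curl/wget invoked on the same line as a secret expression
SUSPICIOUS_PATTERNS='toJSON\(secrets\)|toJson\(secrets\)|secrets\[|\$\{\{ *secrets[^}]*\}\}.*[|].*(curl|wget|nc|base64|openssl)|(curl|wget).*\$\{\{ *secrets'

# Commits that touched workflow files in the last N days (default 90).
# %G? prints the signature state: G = good, N = none, B = bad, E = key missing.
# A "bot" commit marked N that your real bot would have signed deserves a look;
# the author name and email are free-form and prove nothing on their own.
recent_workflow_commits() {
  local days="${1:-90}"
  git log --all --since="${days} days ago" \
    --format='%h %G? %an <%ae> %s' -- .github/workflows/
}

# Print every matching line as file:line:text. Only top-level *.yml/*.yaml
# are checked because that is all GitHub Actions loads from the directory.
report_suspicious_lines() {
  local dir="${1:-.github/workflows}" f
  for f in "$dir"/*.yml "$dir"/*.yaml; do
    [ -e "$f" ] || continue
    grep -nHE "$SUSPICIOUS_PATTERNS" "$f" || true
  done
}

# Same scan, but prints only the total number of matching lines.
count_suspicious_lines() {
  local dir="${1:-.github/workflows}" f n total=0
  for f in "$dir"/*.yml "$dir"/*.yaml; do
    [ -e "$f" ] || continue
    n=$(grep -cE "$SUSPICIOUS_PATTERNS" "$f" || true)
    total=$((total + n))
  done
  echo "$total"
}

# Workflows with no top-level 'permissions:' key. Without one, GITHUB_TOKEN
# gets whatever the repository or organization default grants, which may
# still be read/write on older repositories.
workflows_without_top_level_permissions() {
  local dir="${1:-.github/workflows}" f
  for f in "$dir"/*.yml "$dir"/*.yaml; do
    [ -e "$f" ] || continue
    grep -qE '^permissions:' "$f" || echo "$f"
  done
}

audit_workflows() {
  local dir="${1:-.github/workflows}" days="${2:-90}"
  echo "== commits touching workflows in the last ${days} days (hash sig author subject) =="
  recent_workflow_commits "$days" 2>/dev/null || echo "(git log failed: not inside a repository?)"
  echo "== lines matching exfiltration heuristics =="
  report_suspicious_lines "$dir"
  echo "== workflows with no top-level permissions: block =="
  workflows_without_top_level_permissions "$dir"
}

# Usage: bash audit-workflows.sh [workflow-dir] [days]
if [ "$#" -gt 0 ]; then
  audit_workflows "$@"
fi
```

Run it from the repository root as `bash audit-workflows.sh .github/workflows 90`. A legitimate `env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }}` line does not trip the heuristics, while `echo '${{ toJSON(secrets) }}' | base64 | curl ...` or `curl -d "t=${{ secrets.X }}" ...` does; anything it reports still needs a human to read the full diff of that commit.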

The technical lesson isn't new — but it keeps going unapplied: workflow files in `.github/workflows/` are privileged executable code, not config. Treating a commit there like editing a README is exactly the gap Megalodon is exploiting at scale.
