Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Researchers uncovered a large-scale automated attack on GitHub called Megalodon that deployed malicious code to over 5,500 repositories in just six hours. The campaign injected 5,718 commits across 5,561 repos using disposable accounts with spoofed identities like "build-bot," "auto-ci," and "ci-bot."

The attacker crafted malicious GitHub Actions workflows containing base64-encoded bash scripts designed to exfiltrate data from CI/CD pipelines. These workflows exploit the trust developers place in automation systems. Once triggered, the payloads execute with the permissions of the repository's build environment, potentially exposing secrets, credentials, and source code.

GitHub Actions represents an attractive target for attackers. Developers often grant workflows broad permissions and store sensitive credentials as repository secrets. The Megalodon campaign appears designed to harvest these secrets at scale. The base64 encoding obscures the malicious intent from casual inspection.

The six-hour window suggests the attacker operated quickly before detection. GitHub likely disabled the malicious accounts and reverted commits, but the speed indicates the campaign tested GitHub's abuse detection systems. Organizations using GitHub must understand that their Actions workflows inherit repository permissions and can access stored secrets.

Developers should implement strict controls on GitHub Actions. Set workflow permissions to the minimum required. Never hardcode credentials in workflows. Rotate any secrets exposed through compromised repositories. Review Action permissions carefully before execution. Consider using GitHub's branch protection rules and required code reviews to prevent unauthorized workflow modifications.

The scope of Megalodon demonstrates how CI/CD systems can become force multipliers for attackers. A single compromised workflow can compromise dozens of downstream builds and deployments. Organizations should treat GitHub Actions with the same security rigor as production servers. Audit which repositories run workflows. Limit who can modify workflow files. Monitor for unexpected secrets access or out