Skip to content
The Nexus
DossierENTITY

Megalodon

Coverage of Megalodon in the Nexus archive.

Earliest in view: May 22 · 11:55 UTCMost recent: May 26 · 19:47 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 26 · 19:47 UTCDARK READING
    Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

    The 'Megalodon' malware campaign infected over 5,500 GitHub repositories within six hours, using malicious commits to steal credentials and developer secrets. The attack highlights a rapid and stealthy security breach targeting software development platforms.

  • SECURITYMay 22 · 18:57 UTCTHE REGISTER
    Megalodon chums the waters in 5.5K+ GitHub repo poisonings

    A malware campaign called Megalodon poisoned over 5,500 GitHub repositories with CI/CD credential-stealing malware, stealing AWS keys, Google Cloud tokens, and other sensitive credentials. The attack, discovered by SafeDep researchers, was distributed through a compromised Tiledesk package on npm, marking an escalation in supply chain attacks targeting developers.

  • SECURITYMay 22 · 11:55 UTCTHE HACKER NEWS
    Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

    A large-scale cyberattack called Megalodon has injected malicious commits into over 5,500 GitHub repositories using forged identities and automated CI/CD workflows. The campaign pushed thousands of malicious commits within a six-hour window, employing base64-encoded bash payloads designed to exfiltrate data from continuous integration environments.

Megalodon · Dossier · The Nexus