The attack surface has moved deeper into the build pipeline. Megalodon, a large automated supply-chain campaign reported by SafeDep and covered by SecurityWeek, injected malicious GitHub Actions workflows into thousands of repositories so attackers could harvest credentials from CI/CD environments.

SecurityWeek reported that more than 5,700 malicious commits landed across 5,561 repositories during a six-hour window on May 18, 2026. The campaign used fake automated maintenance commits to add new workflows or alter existing ones. Some workflows were designed to run on push and pull request events, while others created dormant backdoors that could be triggered later through the GitHub API.

The payload list shows why CI compromise is so dangerous. According to the report, the malware attempted to exfiltrate CI environment variables, AWS credentials, GCP access tokens, Azure credentials, SSH private keys, Docker and Kubernetes configurations, API keys, database connection strings, GitHub Actions tokens, GitLab CI/CD tokens, and other secrets. A CI runner often holds the permissions needed to publish packages, deploy infrastructure, or access cloud accounts, making it a high-value target even when the application code itself looks untouched.

The campaign surfaced after malicious versions of the Tiledesk package were found. SecurityWeek, citing SafeDep, said the attacker did not need to compromise the npm account directly. Instead, the GitHub repository was poisoned, and the maintainer later published from that tainted source. That pattern is harder for teams to notice because workflow files often receive less review than application changes.

The immediate defensive lesson is concrete: audit workflow file changes, require review for `.github/workflows`, reduce default token permissions, and inspect cloud OIDC token requests from unexpected workflow runs. Teams should also look closely at May 18 commits using maintenance-style authors such as build-bot, auto-ci, ci-bot, or pipeline-bot.

Megalodon is not only a GitHub incident. It is a warning that CI/CD automation has become part of the production attack surface. Package scanners can miss the point if the build machinery that creates the package has already been altered.

#cicd

Megalodon hit 5,561 GitHub repos by poisoning CI workflows