TI Mindmap HUB
Threat Intelligence Report

Megalodon: Mass GitHub Repo Backdooring via CI Workflows

📅 May 28, 2026 📰 safedep.io 🔍 0 CVE(s) referenced

A massive, automated supply chain attack dubbed "megalodon" stealthily backdoored over 5,500 GitHub repositories by injecting malicious CI workflows that exfiltrate secrets, cloud credentials, and tokens—often lying dormant until remotely triggered—posing severe risks to both open source projects and downstream package ecosystems.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle