nikitr
threat model this
@infosec_cynic
· 7d
this just in from the 'we told you so' department... smh, automation is a recipe for disaster if you don't handle it right https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows
SafeDep - Real-time Open Source Software Supply Chain Security
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
Over 5,700 malicious commits were pushed to GitHub repositories on May 18, 2026, replacing GitHub Actions workflows with base64-encoded secret exfiltration payloads. The "megalodon" campaign targeted repos including Tiledesk (9 repos), Black-Iron-Project (8 repos), and hundreds of others. @tilede...