GitHub's open-source ecosystem is under siege. Two separate large-scale malware campaigns have collectively compromised over 15,000 repositories in 2026, raising urgent questions about supply chain security on the world's largest code hosting platform.
The first attack, dubbed Megalodon, hit on May 18 and infected 5,561 repositories in a single six-hour automated blitz. The second, a slower-burning Trojan campaign independently discovered by security researcher orchidfiles, has compromised at least 10,000 repos — some of which have been active for over a year without being detected.
Megalodon: CI/CD Pipeline Poisoning at Scale
On May 18, cybersecurity researchers at SafeDep uncovered a coordinated attack that injected malicious GitHub Actions workflows into more than 5,500 public repositories. The attackers used throwaway accounts with forged author identities like build-bot, auto-ci, and pipeline-bot to push 5,718 malicious commits.
According to StepSecurity's detailed analysis, Megalodon is a textbook direct Poisoned Pipeline Execution (d-PPE) attack. By injecting base64-encoded bash payloads directly into workflow definition files, the attackers caused the CI system to execute arbitrary commands on the next pipeline run. These commands exfiltrated CI secrets, cloud credentials, SSH keys, OIDC tokens, and source code secrets to a command-and-control server at 216.126.225.129:8443.
SafeDep has published a full list of 5,561 compromised repositories and recommends that affected project maintainers revert all repos to pre-attack states and audit every GitHub Actions workflow file for unauthorized modifications.
GitHub has not issued a public statement specifically addressing Megalodon. Notably, the company did publish guidance on April 1 warning about the growing trend of supply chain attacks exploiting GitHub Actions — the exact vector used here.
10,000+ Repos Distributing Trojan Malware Through README Files
In a separate but equally alarming discovery, security researcher orchidfiles published a detailed account of finding over 10,000 unique, non-forked GitHub repositories distributing Trojan malware. Unlike Megalodon's blast attack, these repos have been active for months — some for over a year — with no automatic detection or removal by GitHub.
The attack pattern is cleverly designed to evade detection. Attackers clone legitimate repositories, copying the full commit history and contributor list to build trust. They then repeatedly delete and re-push commits that add a single link to a zip archive in the README file. The commits are pushed every few hours, with the previous commit deleted each time — a tactic that appears designed to stay under GitHub's radar.
The zip archives contain four files: a launcher script, a randomly named executable (like loader.exe or luajit.exe), a Lua DLL, and a data file. Crucially, submitting the archive link to VirusTotal returns zero detections, while scanning the actual downloaded zip file flags the embedded Trojan.
The researcher built an open-source detection script using GitHub Archive data and API filtering. Out of 16 million push events analyzed over five days, 40,000 candidate repos were identified, of which 10,000 (25%) fully matched the malicious pattern.
Why the Open-Source Community Should Be Worried
Combined, these two campaigns represent over 15,000 compromised repositories — a staggering number that exposes the fragility of open-source supply chain security. Developers routinely pull dependencies from GitHub without verifying the integrity of every package, creating a massive attack surface.
The Megalodon attack is particularly dangerous because it targets CI/CD pipelines, which have privileged access to cloud infrastructure and production secrets. A single compromised pipeline can cascade into a full infrastructure breach.
The Trojan campaign, meanwhile, exploits developer trust. By cloning real projects and copying commit histories, attackers create convincing-looking repos that can fool even experienced developers into downloading malicious archives.
Earlier this year, TekMag reported on AMD quietly removing memory encryption from consumer CPUs and Microsoft patching a record 206 flaws — both reminders that security is a constant battle across every layer of the tech stack.
What You Can Do Right Now
If you maintain open-source projects on GitHub, here are immediate steps:
Audit all GitHub Actions workflows — Check for unauthorized modifications, especially in .github/workflows/. Look for base64-encoded payloads or suspicious outbound connections.
Rotate all secrets — If your repo uses CI/CD, rotate every secret, token, and key stored in GitHub Actions secrets immediately.
Review recently added dependencies — Especially projects that show recent README-only commits with archive links.
Check for cloned repos — Search GitHub for exact clones of your projects with unfamiliar contributor names.
Use the detection script — Run orchidfiles' git-malware-finder against repos you follow or depend on.
Both incidents underscore a hard truth: the open-source ecosystem's security model relies heavily on trust and manual reporting. As supply chain attacks grow more sophisticated, automated detection and rapid response from platforms like GitHub are no longer optional — they're essential infrastructure.
Top comments (0)