TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

By rooter

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window.

“Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

rooter
Cyber Security

Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective

rooter
Cyber Security

E-learning FAQs

rooter

Leave a Reply

You Missed

Security

What is an IDOR vulnerability?

News

NASA undertakes major reorganization to reduce bureaucracy and move faster

News

Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers

News

How the New ‘Masters of the Universe’ Pays Tribute to the 1987 Film