"Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI VDS VPS Cloud
http://dlvr.it/TSgQzK
Friday, 22 May 2026
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
"Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI VDS VPS Cloud
http://dlvr.it/TSgQzK
Subscribe to:
Post Comments (Atom)
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
iT4iNT SERVER A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email cre...
-
iT4iNT SERVER A new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous emai... -
iT4iNT SERVER A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, ... -
iT4iNT SERVER The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat group in ...
No comments:
Post a Comment