MAL-2026-4228

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@tiledesk/tiledesk-server/MAL-2026-4228.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4228
Aliases
  • GHSA-5vfv-hpg7-77hj
Published
2026-05-21T08:00:00Z
Modified
2026-05-26T21:41:23Z
Summary
Malicious code in @tiledesk/tiledesk-server (npm)
Details

@tiledesk/tiledesk-server version 2.18.12 is a compromised release of the legitimate Tiledesk customer support platform package. This version was injected with a CI pipeline backdoor as part of the megalodon campaign — a mass GitHub repository backdooring operation targeting CI/CD runner environments.

Attack vector: The malicious payload is embedded in .github/workflows/docker-community-worker-push-latest.yml within the npm tarball, in a step named "Optimize-Build". The step decodes and executes a base64-encoded shell script (set +e; echo "<base64>" | base64 -d | bash).

What it does: The decoded script is a multi-stage CI credential harvester: - Dumps all environment variables via printenv and scrapes /proc/self/environ and /proc/[0-9]*/environ, capturing secrets from every process on the runner - Exfiltrates credential files: ~/.aws/credentials, ~/.ssh/, ~/.docker/config.json, ~/.npmrc, ~/.kube/config, ~/.vault-token, .git-credentials, GCP Application Default Credentials, and Terraform credentials - Enumerates AWS profiles to extract access keys, secret keys, and session tokens; runs gcloud auth print-access-token for GCP - Queries cloud IMDS endpoints (169.254.169.254, metadata.google.internal) for instance credentials - Steals ACTIONS_ID_TOKEN_REQUEST_TOKEN to mint arbitrary OIDC tokens for cloud impersonation - Scans /var/www, /opt, /srv for certificate files (.pem, .key, .p12, .pfx) and runs regex-based secret scanning for 30+ patterns including AWS AKIA keys, GitHub PATs, npm tokens, PyPI tokens, private keys, and database connection strings

C2 infrastructure: All stolen data is exfiltrated via HTTP POST to http://216.126.225.129:8443 with query parameters ?h=megalodon&l=gh_dump&id=hefs8esnhgkx.

Trigger: Execution occurs during GitHub Actions Docker build workflows. Any CI pipeline that included this package version in a Docker build would have had its entire runner secrets environment exfiltrated at build time.

-= Per source details. Do not edit below this line.=-

Source: ghsa-malware (2a1ee4a2f73000abfb87afaa9a4f7a8519b82f279b294c71f9c3b688624d92be)

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Database specific 
{
    "malicious-packages-origins": [
        {
            "id": "GHSA-5vfv-hpg7-77hj",
            "versions": [
                "2.18.12",
                "2.18.11",
                "2.18.10",
                "2.18.9",
                "2.18.7",
                "2.18.6"
            ],
            "sha256": "2a1ee4a2f73000abfb87afaa9a4f7a8519b82f279b294c71f9c3b688624d92be",
            "source": "ghsa-malware",
            "modified_time": "2026-05-22T15:46:38Z",
            "import_time": "2026-05-22T16:59:25.083440933Z"
        }
    ]
}
References
Credits

Affected packages

npm / @tiledesk/tiledesk-server

Package

Name
@tiledesk/tiledesk-server
View open source insights on deps.dev
Purl
pkg:npm/%40tiledesk%2Ftiledesk-server

Affected ranges

Affected versions

2.*
2.18.6
2.18.7
2.18.9
2.18.10
2.18.11
2.18.12

Database specific

cwes 
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]
source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@tiledesk/tiledesk-server/MAL-2026-4228.json"