Discussion

• @cz_binance @cz_binance on x

  If you have API keys in your code, even private repos, now is the time to double check and change them...

• @odysseas_eth Odysseus on x

  if you use private repositories to host infra topology or secrets in plaintext, please consider rotating your secrets

• @darkwebinformer @darkwebinformer on x

  🚨 GitHub is investigating the unauthorized access claim to it's internal repositories. https://x.com/... [image]

• @aikidosecurity @aikidosecurity on x

  ❗️Heads up: GitHub is investigating unauthorized access to internal repositories. No customer org impact confirmed yet. Just in case, keep an eye on your org audit log and clean up any unused keys or tokens.

• @theo @theo on x

  It would be really funny if Github itself got pwn'd by one of the NPM package takeovers

• @racheltobac Rachel Tobac on x

  Oof alert: incoming.

• @zaddyfi @zaddyfi on x

  we can't have nice things 😭 first vercel then GitHub + all of DeFi (and so many others) [image]

• @cgtwts @cgtwts on x

  scenes at GitHub HQ right now: [video]

• r/cybersecurity r on reddit

  GitHub announces internal data breached.

• r/github r on reddit

  We are investigating unauthorized access to GitHub's internal repositories.  - GitHub (@github) on X

• r/democrats r on reddit

  'The Worst Leak That I've Witnessed': U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub