This is bad. If they came out announcing this, without a long-winded explanation and further details, it's because they're staring at a bottomless pit and they haven't put the lid on it yet.
For a Fortune 100, to go out of your way to spook investors is the least desirable approach.
non-twitter link: https://xcancel.com/github/status/2056884788179726685#m
- Use Static analysis for GHA to catch security issues: https://github.com/zizmorcore/zizmor
- set locally: pnpm config set minimum-release-age 4320 # 3 days in minutes https://pnpm.io/supply-chain-security for other package managers check: https://gist.github.com/mcollina/b294a6c39ee700d24073c0e5a4e...
- add Socket Free Firewall when installing npm packages on CI https://docs.socket.dev/docs/socket-firewall-free#github-act...
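As an added illustration of what the `minimum-release-age` setting in the list above does (this is example code, not the commenter's or pnpm's own implementation), the script below applies the same policy by hand: given a constructed npm-registry-style packument `time` map of version to publish timestamp, it refuses any version published less than 4320 minutes (3 days) ago and resolves to the newest remaining one. The `time` map is constructed sample data, and the function names `eligible_versions` and `pick_latest` are the example's own.

```python
# Added example: a hand-rolled "minimum release age" gate for npm-style packages.
# It mirrors the idea behind `pnpm config set minimum-release-age 4320`: a
# freshly published version (the kind a hijacked maintainer account pushes) is
# not installable until it has been public for the configured number of minutes.
from datetime import datetime, timedelta, timezone

MIN_AGE_MINUTES = 4320  # 3 days, the value quoted in the thread

# Constructed packument fragment in the shape of the npm registry's "time" field
# (version -> ISO 8601 publish time, plus the "created"/"modified" bookkeeping keys).
SAMPLE_TIME_MAP = {
    "created": "2024-01-01T00:00:00.000Z",
    "modified": "2024-03-10T12:00:00.000Z",
    "1.0.0": "2024-01-01T00:00:00.000Z",
    "1.1.0": "2024-02-15T09:30:00.000Z",
    "1.1.1": "2024-03-10T12:00:00.000Z",  # constructed: the suspiciously fresh release
}

def parse_ts(s: str) -> datetime:
    # The registry emits a trailing "Z"; fromisoformat wants an explicit offset.
    return datetime.fromisoformat(s.replace("Z", "+00:00"))

def eligible_versions(time_map: dict, now: datetime,
                      min_age_minutes: int = MIN_AGE_MINUTES) -> dict:
    """Return the subset of versions that have been public for at least min_age_minutes."""
    cutoff = now - timedelta(minutes=min_age_minutes)
    return {
        version: ts
        for version, ts in time_map.items()
        if version not in ("created", "modified") and parse_ts(ts) <= cutoff
    }

def pick_latest(time_map: dict, now: datetime,
                min_age_minutes: int = MIN_AGE_MINUTES):
    """Resolve 'latest' the way a release-age-aware installer would, or None if nothing qualifies."""
    ok = eligible_versions(time_map, now, min_age_minutes)
    if not ok:
        return None
    # Plain numeric x.y.z ordering is enough for the constructed data; real
    # resolvers use full semver (prerelease tags, build metadata).
    return max(ok, key=lambda v: tuple(int(part) for part in v.split(".")))

if __name__ == "__main__":
    # Twelve hours after 1.1.1 was published: it is held back, 1.1.0 is chosen.
    now = datetime(2024, 3, 11, 0, 0, tzinfo=timezone.utc)
    print("resolved:", pick_latest(SAMPLE_TIME_MAP, now))
    # Three and a half days later the same release has aged past the gate.
    later = datetime(2024, 3, 14, 0, 0, tzinfo=timezone.utc)
    print("resolved:", pick_latest(SAMPLE_TIME_MAP, later))
```

The gate only buys time: it gives the ecosystem a window in which a malicious release can be reported and unpublished before most CI pipelines pick it up, so it is a complement to the static analysis and install-time firewall the comment also lists, not a replacement for them.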
"Someone broke into our house and we have no clue if they're still hiding under the bed or in the drawer. TV is gone."
Time to switch to GitLab, Bitbucket or self-hosted
https://pbs.twimg.com/media/HItbXhvW4AAMD8W?format=jpg&name=...
All of their repos have been copied and are up for sale. Attackers are TeamPCP, the creators of the Shai-Hulud malware.
Are they required to announce that they're being hacked in real time?
Is it just me or is this happening way more frequently in the last 4 or 5 months? Coincidentally around the same time the models got a lot more capable?
Between all the Linux LPEs and Claude's known security flaws, alone, I'd be shocked if GitHub and Microsoft hadn't gotten hacked by now. Reasonable bet we mainly hear it when big shops get bit.
Mythos has broken containment
Is Twitter/X the right channel to announce a security event like this?
I ask because I don’t see anything posted on their official blog or status page.
GitHub: "We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity."