GitHub Compromised

claaams

Github compromised and 3800 internal repos exposed.

jaspanglia

This is exactly why enabling 2FA is so important. Change your password immediately

gnabgib

Discussion (222 points, 4 hours ago, 62 comments) https://news.ycombinator.com/item?id=48201316

awaisras

Are we going into 99.9% Uptime era? With this level of availability, would company remain on cloud?

goyozi

https://xcancel.com/i/status/2056949168208552080

lorenzohess

Why did one developer have access, even if read-only, to more than 3,800 internal repos?

fatih-erikli-cg

Github is the last place someone will give a single shit about for something like that. If someone steal your debit card and withdraw money on behalf of you, without permission of you, you go to the bank and explain that. Github holds code... If something like some info stolen from your work something like that then you not work them again, you quit or go to hr, this is how it is. Plus, github is running on your computer. People take https icon so seriously. It is nothing. There are more browsers than actual websites. You receive a browser update almost every day. All of them comes with https icons w predefined domains. Github is the one that comes with new computers. The others are the websites someone defined in your invisible /etc/hosts before you start using your own computer. Your own websites are http. I know how the internet works very very well. Github is no more than text editor with undo redo.

jallasprit

Which extension was it?

jms703

Do they know that the attackers were after? Maybe they were just trying to help fix the availability problems.

karel-3d

npm next please