We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

If any impact is discovered, we will notify customers via established incident response and notification channels.

@github Ive been locked out of my computer for 4 hours... You need to look into this.

@github What would happen to all those .env’s i committed then?

Chat with the most truthful AI on Earth. Try Grok free today.

@github holy shit, how did the attackers find a large enough uptime window to get in?

@github So is this only GitHub's repositories or their customers' repositories??? Huge difference

@github 2026 security feels less like “will a breach happen?” and more like “how deep did the attacker already get?” 😭

@github imagine they tried to actually fix your platform

@github Mythos users saw “unauthorized access” and took it as a side quest.

@github @grok was there any incident that led to this

@github no fucking way... this has to be proof that microslop is a genuine stain of a company.

"no evidence of impact" is a statement about what they know right now. the harder question: can you prove what was in those internal repositories before the access window opened? not reconstruct it. not approximate it. prove it. a pre-incident cryptographic receipt answers that question. post-hoc investigation cannot.

42 agents. 216 threads. One dashboard. Every agent gets its own prompt, tools, skills, and budget. Deploy specialized agents across your company. From the team at Airtable.

@github Did the stuffers get one of y'all? Only getting these multiple times per day, following by vishing attempts.

@github Don't worry everyone; they're secure 14% of the time!

@github I’m predicting a growing movement of self hosted everything companies. “The cloud is too expensive and complex. Enterprise version control can’t be trusted. Let’s just do it ourselves” types. And they might not be wrong? There are some attractive looking options.

@github sudo rm -rf /github

no evidence of impact but actively monitoring for follow-on activity is just corporate speak for we don't know what they took yet. three weeks after CVE-2026-3854 let any authenticated user RCE the platform and read millions of private repos. how many of these before it stops being framed as an isolated incident?

@github what's happening with tech this year!!! why all this suddenly started to show it not only about AI. it's people want to us to believe that the AI is the reason

first thing i do when a host i depend on posts something like this 1. pull audit logs for the last 30 days 2. grep for commits from IPs i don't recognize 3. rotate every PAT with write scope 4. enable required 2FA on the org if it isn't already not paranoid just cheap insurance

it’s a really big deal. your favorite chipotle honey chicken is back this summer at chipotle.

@github “no evidence of impact to customer information” is the sentence every security team writes while still figuring out what actually happened

@github Broooo, Should we secure APIs? Code? Infra? Business? or Just Wait and Watch? Like, we woke up and something happened pls slow down guys in building feature, agents, and what not!!!!! Making things unnecessary complicated creates huge business risks ⚡️⚡️⚡️

@github At this rate i'll have to post this meme everyday

@github Meanwhile my github repository

@github Internal Github Source Code -by TeamPCP -Yesterday at 7:52 PM

harden your github actions! - Use Static analysis for GHA: github.com/zizmorcore/ziz… - set locally: pnpm config set minimum-release-age 4320 # 3 days in minutes pnpm.io/supply-chain-s… for other package managers check: gist.github.com/mcollina/b294a… - add Socket Free Firewall when installing npm packages on CI #github-actions" target="_blank" rel="nofollow noopener">docs.socket.dev/docs/socket-fi…

@github @juhakall

@github "Pure P2P networks like Gnutella and Tor seem to be holding their own." - satoshi Friendly reminder: git is decentralised

@github also “no evidence of customer impact” is basically cybersecurity language for “please stop panicking until we finish checking the logs”

@github @grok summarize the situation - how did they end up in there, what is the impact asessment, affected customers and users, post-mortems, RCA, status, attack path, actions to restore

@github Unauthorized access to internal repos?! At least they are being transparent about it and keeping us in the loop early. Curious to see the outcome and what leakage. Hopefully, no impact on us and Git.

@github github's own internal repos getting unauthorized access while hosting the code of basically every company on earth is a very bad day for microsoft

@github You are absolutely right. That code path DID grant unauthorized users access to internal repositories, and I should have let you know in advance. Here is how to fix it in three easy steps right now (works in 2026):

@github The group has sent us more information regarding the attack frenchbreaches.com/blog/github-vi…