GitHub has reported that a malicious actor gained access to a set of repositories used in the planning and development of GitHub Desktop and the text and source code editor Atom.
The code-hosting platform said that it became aware of the data breach after “unauthorized access” was detected on its servers on December 7, 2022. A set of encrypted code-signing certificates was stolen during the breach. GitHub reported that the certificates were password-protected and that there was “no evidence of malicious use”.
The hacker gained access to the source-code repositories on December 6, 2022, using a compromised Personal Access Token (PAT) associated with a machine account to clone repositories from GitHub's Atom, desktop and “other deprecated GitHub-owned organizations”.
As a preventative measure, GitHub has said that it will “revoke the exposed certificates used for the GitHub Desktop and Atom applications”, meaning users must update their applications before February 2, 2023, to continue using them.