On Monday, GitHub confirmed that threat actors stole digital certificates used for applications such as Desktop and Atom in a cyberattack that occurred in December 2022. GitHub stated that it investigated the incident and determined that there was no risk to GitHub’s services and that it detected no unauthorized changes to the projects. To mitigate any further risks, GitHub plans to revoke the exposed certificates. This means that some versions of GitHub Desktop for Mac and Atom may be invalidated in the process.
GitHub stated that versions of GitHub Desktop for Mac between 3.0.2 and 3.1.2 will stop working on February 2. Windows will not be affected. GitHub has encouraged its Mac users to upgrade the application to the latest release, whereas Atom users must download a previous program version. The measures are designed to promote security and protect GitHub users from any risks associated with the security incident.