RT GitHub Security
We received a bug bounty report of a vulnerability which, if exploited, allowed access to credentials within a production container. We have patched http://GitHub.com and rotated all affected credentials, and patches for GHES are available today. https://github.blog/2024-01-16-rotating-credentials-for-github-com-and-new-ghes-patches

https://twitter.com/GitHubSecurity/status/1747349700875842026