1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Honestly thought we were just bad at ops for a while.
Turns out a lot of early-stage companies deal with the same mess.
That’s part of why we’re building Jupikit.
https://t.co/cCgCVo2oR1
You start a company thinking about product, growth, hiring.
A few months later you’re digging through Slack screenshots trying to remember why a payment happened and searching invoices for GST details again.
Didn’t expect this to become such a big part of running a company.