Yikes!
GitHub has a major problem. Hackers have compromised the code signing certificate system that ensures that a piece of code has indeed been developed by the person named on it.
Code repositories can only be used if they're trusted -- and this attack has just undermined that trust.
Code repositories can only be used if they're trusted -- and this attack has just undermined that trust.