// Alert

GitHub threat report

// GitHubMEDIUM

SailPoint disclosed in an SEC Form 8-K filing that an unauthorized actor accessed a subset of its GitHub repositories on April 20, 2026. The identity-security vendor said its incident response team, working with a third-party cybersecurity firm, terminated the unauthorized activity and traced the root cause to a vulnerability in a third-party application, which has since been remediated. SailPoint stated that no customer data in production or staging environments was accessed and that services were not interrupted. Affected customers were notified directly and the company says no further customer action is required. Specifics about the third-party application, the threat actor, and any data exposed from the repositories were not disclosed.

// Get alerts for GitHub