GitHub is investigating the Tweet published Wed, Aug. 3, 2022:

• No repositories were compromised
• Malicious code was posted to cloned repositories, not the repositories themselves
• The clones were quarantined and there was no evident compromise of GitHub or maintainer accounts