GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. GitHub allows you to authenticate to their service without a user name and password using the SSH protocol. A bug in the library’s pseudo-random number generator allowed for the generation of duplicate RSA keys, enabling users to access other GitHub accounts secured with the same SSH key. GitHub revoked all keys generated by GitKraken at 17:00 UTC or 1 PM EST today. Users whose keys have been revoked are notified by GitHub and recommended to review their SSH keys and replace them.”]