On March 8, GitHub invalidated all authenticated sessions created prior to 12:03 UTC as a precautionary measure to address a rare security vulnerability that potentially affected a small number of user sessions. The issue, identified on March 2 through an external report, involved a race condition that could misroute an authenticated session to another user's browser, but it did not result from compromised passwords or access tokens and could not be exploited by malicious users. A patch was deployed on March 5, with a second patch on March 8 to further secure the system. Fewer than 0.001% of sessions were impacted, and GitHub has contacted affected users with guidance. GitHub emphasizes its commitment to transparency and security, sharing this incident for public awareness and planning to release a root cause analysis. Chief Security Officer Mike Hanley, who has a background in security at Duo Security and Cisco, leads the effort to maintain trust and protect the platform.