On January 4, GitHub published a new version of the Desktop app that’s signed with new certificates that were not exposed to the threat actor. Users of Desktop should update to this new version.