Is there a fix for it. If so, can the vulnerability be revealed?

I know there is the repojacking exploit involving dependent repositories. Is this something different? Did a dependent repository have this happen to it? 

[@amphibiousParakeet](7KejvRw4GZvVjFQEDefAsBRd9iaTjVeUWczB44Mgu8Bue8JW-hydradx) 

Hey sir : A combination of social engineering and bad setup of access keys made it possible for the whitehat to extract some of the repository secrets. We rotated all secrets and made PR approval mandatory after any commit push to close the vulnerability

**Price:** Kraken 7d EMA 0.0234
**Requested Tip:** $ 5,000
**Requested Tip:** 213,675 HDX
**Payout Address:** 7KnUju3o6dQ4q6uH7vPs9ct91qEt7XqcHxdb4ahPhV9S9tEj

Tip for reporting on Immunefi a vulnerability related to relevant GitHub repositories. The report was classified as Critical in the category "Websites and Applications", eligible for the minimum payout of $5,000: https://immunefi.com/bounty/hydradx/

[Tip request] Bug Bounty Payout GitHub Vulnerability