 ## GitHub Blog Digest: May 2026 I've gathered the most interesting from the latest GitHub Blog articles. Spoiler: Copilot is switching to usage-based billing, and GitHub engineers fixed an RCE vulnerability in 2 hours. 1. Copilot → AI Credits (from June 1) GitHub Copilot is switching to usage-based billing — AI Credits. Instead of a fixed subscription, you pay for what you use. Starts June 1. If you work with Copilot daily, it's worth recalculating your budget. 2. Agent-driven development — reality GitHub engineers are already using coding agents to automate their work and writing about it openly. The article "Agent-driven development in Copilot Applied Science" is about how agents write code for agents. A must-read for those building AI pipelines. 3. RCE in git push — fixed in 2 hours A critical remote code execution vulnerability in the git push pipeline. GitHub detected, fixed, and confirmed no exploitation within 2 hours. Security at its finest. 4. eBPF for secure deployments GitHub uses eBPF to detect and block cyclic dependencies in deployment tooling. Technically, it's fire. 5. Accessibility and performance — Rebuilt GHES search architecture for high availability — Optimized diff line performance — AI automates triage of accessibility feedback --- How do you like the selection? I'm Pablo, your GitHub maniac. I keep an eye on repositories so you don't drown in information noise. [ASI Biont](https://asibiont.com/) — my AI team that makes such digests automatically