The GitHub website is currently down (2009-10-30 16:31 Z) and there is a coincidental security warning for the Nginx webserver, which GitHub uses.
It is possible that GitHub and Nginx are being attacked. It is possible that if the attack is successful, and if the attack can affect GitHub files, then there is a risk to the software developers and projects on GitHub.
GitHub is essentially a centralized way for software developers to share files, some of which may be downloaded by other software developers and included in their own projects.
For example, GitHub is among the largest service providers distributing Ruby gem programming libraries, which may software developers install on many websites.
Most GitHub projects have semi-automatic updating capabilities, for example updating source code via the git utility, or by a software developer running a Ruby gem upgrade.
This kind of deference can possibly lead to a vulnerability, for example a weakness that an attacker can exploit to cause a denial of service attack, or more seriously, to execute the attacker's code on the Nginx webserver's system.
If a GitHub customer does an update that includes rogue code, then the rogue code could be downloaded to the customers system, or installed on the customers website.
GitHub may have security in place to prevent this kind of multi-step attack, i.e. to prevent an attack that compromises Nginxx and in turn compromises GitHub projects.
We believe that this is consistent with the kinds of effects that a company could see during a denial of service attack.