Some kind of unknown wifi attack seems the most plausible to extract the ssh key if you cofirm you haven't left the laptop unattended and everything else is reasonably secured.
Although you're certificate point did give me pause. Don't you have the private ssh key stored somewhere accessible from github? Like some kind of action or whatnot.
Also, is that key not password-protected? Did you ignore some SSH connection warnings and forwarded your agent?
I don't work in cybersecurity, so let's just say that my readteam knowledge is 1. I just try to understand how things work and protect my stuff as best I can. I'm just very surprised since your situation seems, on the surface at least, to fly in the face of what is commonly expected.
Although you're certificate point did give me pause. Don't you have the private ssh key stored somewhere accessible from github? Like some kind of action or whatnot.
Also, is that key not password-protected? Did you ignore some SSH connection warnings and forwarded your agent?
I don't work in cybersecurity, so let's just say that my readteam knowledge is 1. I just try to understand how things work and protect my stuff as best I can. I'm just very surprised since your situation seems, on the surface at least, to fly in the face of what is commonly expected.