Probably not. The vast majority of Ubuntu development occurs on Launchpad. A few important projects are developed on Github, though. Notably, LXC and LXD. The maintainers of these projects are quite active, and would likely have seen any harmful changes being made.
The LXC and LXD repositories are under https://github.com/lxc which is a different Github organization with a much much smaller set of members (17 currently) than CanonicalLtd.
We require 2FA for all accounts under the lxc organization and only grant the access that's actually needed by those contributors. So while it's not impossible that one of our members' credentials may get compromised, especially when considering the use of access token, current access is as restricted as you would expect for those repositories.
It's also worth noting that because of Git's own design, even should one of those accounts get compromised, it would be fairly simple to spot and revert any changes that may have occurred.
