GitHub Says Hackers Breach Dozens of Organizations Using Stolen OAuth Access Tokens

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 16 Apr 2022.

  1. Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. "An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM

    Continue reading...
     

Share This Page

Loading...