News
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform ...
Analysis of The Attacker’s Behavior GitHub analysis the incident include that the attackers authenticated to the GitHub API using the stolen OAuth tokens issued to accounts Heroku and Travis CI.
Hashed and salted passwords of customers were exfiltrated thanks to a stolen GitHub integration OAuth token.
The GitHub OAuth attack exposed a security blind spot in the ever-growing web of permissions spanning developers, service ...
GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...
GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.
Last week, GitHub Security researchers reported that an unknown attacker is using stolen OAuth user tokens issued to Heroku and Travis-CI to download data from dozens of organization’s private ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback