GitHub: Attacker breached dozens of orgs using stolen OAuth tokens (Bleeping Computer)

Bleeping Computer: GitHub: Attacker breached dozens of orgs using stolen OAuth tokens. “GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including npm.”
