IT News For Australia Business

Stolen Heroku and Travis-CI OAuth tokens used for GitHub repo hacks

An attacker who used stolen OAuth open standard authentication tokens from Heroku and Travis-CI was able to download private repositories and source code ahead of the Easter holidays. Open source ...
GIGAZINE

Unauthorized access to dozens of private repositories including 'npm' occurred on GitHub, what is the damage situation and countermeasures?

The GitHub security team discovered unauthorized access to npm's private repository on April 12, 2022. As a result of investigating the cause of unauthorized access, access tokens to private ...