GitHub has uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI. Read more about the impact to GitHub, npm, and our users. https://t.co/eB7IJfJfh1

Post

GitHub has uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI. Read more about the impact to GitHub, npm, and our users.

Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party...

From github.blog

10:53 PM · Apr 15, 2022

Don't miss what's happening

People on X are the first to know.