Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog

2022/04/16 107 users The GitHub Blog

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. The applications maintained by these integr... 続きを読む