GitHub says an attacker used stolen OAuth user tokens issued to Heroku and Travis-CI to download data from private repositories owned by npm and other organizations (Sergiu Gatlan/BleepingComputer)







Sergiu Gatlan / BeepComputer:

GitHub says attacker used stolen OAuth user tokens issued to Heroku and Travis-CI to download data from private repositories owned by npm and other organizations— GitHub revealed today that an attacker is using stolen user tokens (issued to Heroku and Travis-CI OAuth) to download data from private repositories.





Roxxcloud

Leave a Reply

Your email address will not be published.

Back to top