Hackers used stolen OAuth access tokens to breach organizations
On Friday, GitHub, an open-source software hosting site, said that it had uncovered evidence of an unknown attacker illegally acquiring sensitive data from several organizations using stolen OAuth user credentials. “An attacker utilized stolen OAuth user credentials given to two third-party OAuth integrators, Heroku and Travis-CI, to access data from a variety of organizations, including … Read more