Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog · Jamie Tanna

Liked Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog

Post details

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.

Sat, 16 Apr 2022 07:40 by Jamie Tanna .

This post was filed under likes.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.