Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Breaches and Incidents
April 16, 2022
Bleeping Computer
Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including npm.
Read More
GitHub
OAuth
Data Breach
User Tokens
Heroku and Travis-CI
Publisher
Previous
T-Mobile customers warned of unblockable SMS phishing a ...
Identity Theft, Fraud, Scams
Next
JekyllBot:5 Flaws Let Attackers Take Control of Aethon ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_519049156.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-537315268.jpg)
