GIGAZINE

Unauthorized access to dozens of private repositories including 'npm' occurred on GitHub, what is the damage situation and countermeasures?

The GitHub security team discovered unauthorized access to npm's private repository on April 12, 2022. As a result of investigating the cause of unauthorized access, access tokens to private ...
ZDNet

Heroku to begin user password reset almost a month after GitHub OAuth token theft

Heroku has alerted a "subset" of its users that it is going to reset their passwords on May 4 unless they change passwords beforehand. In resetting the password, the company is warning that existing ...
IT News For Australia Business

Stolen Heroku and Travis-CI OAuth tokens used for GitHub repo hacks

An attacker who used stolen OAuth open standard authentication tokens from Heroku and Travis-CI was able to download private repositories and source code ahead of the Easter holidays. Open source ...