Researchers at Aqua Security discovered that “tens of thousands of user tokens” are exposed through the Travis CI API that offer access to more than 770 million logs with various types of ...

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...

Build artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure.

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS ...

The GitHub OAuth attack exposed a security blind spot in the ever-growing web of permissions spanning developers, service ...

Analysis of The Attacker’s Behavior GitHub analysis the incident include that the attackers authenticated to the GitHub API using the stolen OAuth tokens issued to accounts Heroku and Travis CI.

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.

Documentation startup Mintlify says dozens of customers had GitHub tokens exposed in a data breach at the start of the month and publicly disclosed last week. Mintlify helps developers create ...

Hacking Slack accounts: As easy as searching GitHub Bot tokens leaked on public sites expose firms' most sensitive business secrets.