GitHub has revealed that attackers have abused OAuth user tokens issued to Heroku and Travis-CI, popular third-party OAuth integrators. GitHub, a cloud-based repository, revealed on Friday about receiving evidence of an unidentified adversary exploiting stolen OAuth user tokens issued to Heroku and Travis-CI to download private data from dozens of organizations illegally.

Read full article on HackRead