Bleeping Computer

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, ...
ZDNet

Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev

Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth ...