News

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
ZDNet13y

GitHub suspends member over 'mass-assignment' hack

A GitHub member was briefly suspended on Sunday after he exploited a vulnerability in the code repository's systems without first telling GitHub he was going to do so. Egor Homakov's hack caused ...
Tech Xplore on MSN7d

Fraudsters use fake stars to game Github, scam users

Millions of users of GitHub, the premier online platform for sharing open-source software, rely on stars to establish their ...

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
Threat Post11y

Five OAuth Bugs Lead to Github Hack

A Russian researcher was able to take five low severity OAuth bugs and string them together to create what he calls a “simple but high severity exploit” in Github. A Russian security researcher was ...
Network World7y

The aftermath of the Gentoo GitHub hack

Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon ...