Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators

SecuritySecurity alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integratorsOn April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the im

[efcl]

HerokuとTravis CIのOAuthトークンが悪用されているという話。 Heroku側: https://status.heroku.com/incidents/2413 git cloneのAudit logはGitHub Enterprise Cloudプランの場合だけ取得できる https://bit.ly/3OicwYS

[sasasin_net]

土曜日に出すな (迅速にアナウンスしてくれて本当に感謝しています毎度お世話になってます)

[vvakame]

先週末HerokuとかTravisCIが話題に登ってたのこれか

[nilab]

“On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm”

[yasushicohi]

“compromise”

[h3poteto]

これか，やばいな

[razokulover]

ひぇぇ

[ya--mada]

“Heroku and Travis-CI on April 13 and 14; more detail is available below and we will update this blog as we learn more.”

[tkysktmt]

“Heroku Dashboard (ID: 145909) Heroku Dashboard (ID: 628778) Heroku Dashboard – Preview (ID: 313468) Heroku Dashboard – Classic (ID: 363831) Travis CI (ID: 9216)”

[rinsuki]

やばい！！