You have 0 Articles Left This Month. Unlock Endless Possibilities - SIGN UP TODAY
Reach an unlimited knowledgebase of security news & insights, including: leadership management, enterprise services, security training, video surveillance, identity management, cybersecurity, critical infrastructure and much more.

CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecurityCybersecurity News

GitHub notifies organizations of third-party OAuth token theft

By Maria Henriquez

GitHub suffered a third-party breach after a malicious threat actor was discovered smuggling data out of the repository using stolen OAuth tokens.

OAuth tokens are a standard method for automating cloud services, such as code repositories and DevOps pipelines, explains Ray Kelly, Fellow at NTT Application Security. “These tokens are considered secrets for a good reason and are often “masked” with stars or not shown at all to help protect connected business services.”

You have 0 complimentary articles left.

Join our exclusive community!

When you do, you'll gain access to: 

  • Educational Webinars, Videos & Podcasts: Receive cutting-edge insights and invaluable resources, empowering you to stay ahead in the dynamic world of security.
  • Empowering Content: At your computer or on-the-go, stay up-to-date when you receive our eNewsletters curated with the latest technology and services that address physical, logical, cyber and enterprise resilience.
  • Unlimited Article Access: Dive deep into the world of cybersecurity and risk management leadership with unlimited access to our library of online articles.

Already have an account? Sign in here.

Privacy Policy

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!