GitHub has announced that dozens of organizations' private repositories were compromised last month using stolen OAuth tokens as part of a highly targeted operation, SecurityWeek reports.
Attackers used exfiltrated OAuth tokens issued to Heroku and Travis CI to authenticate to the GitHub API and generate a list of all organizations that could be accessed, according to GitHub.
Such tokens, which are used for automation, had been compromised before the attack. The attackers then enumerated the listed organizations to identify private repositories and accounts that could be cloned.
"GitHub believes these attacks were highly targeted based on the available information and our analysis of the attacker behavior using the compromised OAuth tokens issued to Travis CI and Heroku," said the code hosting platform.
Final recommendations for organizations and users affected by the recent attack are still being prepared, but GitHub has called on users to track updates through Travis CI and Heroku.
U.S.-based networks of major Japanese zipper manufacturer YKK were confirmed to have been targeted by a cyberattack, which the company says was immediately contained, according to The Record, a news site run by cybersecurity firm Recorded Future.
Data in Honda's power equipment e-commerce site exposed by API vulnerabilities
BleepingComputer reports that Honda's e-commerce platform for power equipment was affected by password reset API security vulnerabilities, which could be leveraged to access customer information and other documents.
SecurityWeek reports that open source password manager KeePass has released updates to resolve a vulnerability, tracked as CVE-2023-32784 and affecting KeePass 2.x versions, which could be exploited to recover the cleartext master password from a memory dump.