GitHub OAuth breach compromises almost 100K users

The Hacker News reports that nearly 100,000 npm users had their usernames, password hashes and email addresses exposed after OAuth user tokens that GitHub had issued to third-party integrations (Heroku and Travis CI) were stolen last month.

The attackers were also able to use the stolen OAuth tokens to reach CSV files containing an archive of the names and version numbers of all private npm packages as of April 10, as well as some private package data belonging to two organizations, according to GitHub.

The intrusion chain ran from abuse of the stolen OAuth tokens, which let the attackers download private npm repositories, to AWS access keys recovered from those repositories, which were then used to reach the registry's infrastructure. GitHub noted, however, that the attackers neither modified any published package nor added new versions of existing ones.

"The attacker was only listing organizations in order to identify accounts to selectively target for listing and downloading private repositories," GitHub said regarding the "highly targeted" campaign earlier this month.