InfoSec News Nuggets 05/03/2022
GitHub Says Recent Attack Was Highly Targeted Microsoft-owned code hosting platform GitHub says the recent cyberattack that resulted in the cloning of private repositories was highly targeted in nature. Disclosed in mid-April, the incident involved stolen OAuth tokens issued to third-party integrators Heroku and Travis CI, which were used to download the private repositories of dozens of organizations. The two continuous integration (CI) systems help organizations automate the scanning of newly introduced code changes, to help identify…