News

TechCrunch1y
How a mistakenly published password exposed Mercedes-Benz source code
Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key ... that the company “revoked the respective API token and removed the public repository immediately.” ...
ZDNet6y
Over 100,000 GitHub repos have leaked API or cryptographic keys
A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys ...
VentureBeat2y
50% of orgs report experiencing data breaches due to exposed API secrets
Learn More API vulnerabilities are a serious ... found that 53% have experienced a data breach to networks or apps due to compromised API tokens. The report also found that organizations are ...
Ars Technica6y
50 million Facebook accounts breached by access-token-harvesting attack
Those access tokens could be used, in theory, to launch applications and web sites that use the Facebook single sign on API, as well as to run queries against Facebook's "Graph" database as the user.
Bleeping Computer3y
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database ... invalidate all API access tokens and ...