Skip to main content

Tag: token theft

2 articles

Server room with equipment racks, cables, and blurred monitors.

Klue OAuth Breach Expands as Icarus Hackers Claim Multiple Victims

Klue's CEO Jason Smith revealed that on June 12, unauthorized activity was detected in their integration infrastructure, prompting a thorough investigation with cybersecurity experts to understand the breach and support affected customers. The incident allowed hackers to steal OAuth tokens through a compromised legacy credential, impacting connections to third-party platforms like Salesforce.

Analyst 207
Developer workstation with VS Code on laptop and GitHub page on nearby device.

VS Code Zero-Day Vulnerability Exposes GitHub Tokens to Theft

A security researcher just revealed a shocking VS Code zero-day vulnerability that lets attackers swipe your GitHub authentication tokens with just one click, exposing your online projects to potential theft. This exploit cleverly abuses VS Code's system to run malicious code and extract sensitive tokens.

Analyst 207