GitHub enables push protection by default to stop secrets leak

February 29, 2024 at 01:59PM

GitHub has introduced push protection by default for all public repositories, preventing accidental exposure of secrets like access tokens and API keys during code pushes. The feature scans for over 200 token types and patterns from 180+ providers and allows users to remove or bypass detected secrets. Push protection is …

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms

October 25, 2023 at 09:45AM

Critical security flaws in the OAuth implementation of popular online services such as Grammarly, Vidio, and Bukalapak have been disclosed. These weaknesses could have allowed malicious actors to hijack user accounts by obtaining access tokens. The vulnerabilities have been addressed by the respective companies. OAuth, commonly used for cross-application access, …