|
|
|
|
|
|
by koolba
1504 days ago
|
|
|
> Access to the environment was gained by leveraging a compromised token for a Heroku machine account. Any idea if this involves AWS EC2 Instance Roles? It’s incredibly convenient, but has got to be the scariest feature to enable on a platform that allows arbitrary user code to execute. |
|
|