Y
Hacker News
new
|
ask
|
show
|
jobs
by
ectopod
1462 days ago
AIUI, the repo contained a single token that gave access to Heroku. Additionally, a bunch of third party tools had legitimate access to the repo. Any one of them could have been used to steal the token.