https://www.bleepingcomputer.com/news/security/github-how-stolen-oauth-tokens-helped-breach-dozens-of-orgs/

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations.

The attacker used stolen OAuth app tokens issued to Heroku and Travis-CI to breach GitHub.com customer accounts with authorized Heroku or Travis CI OAuth app integrations.