WeLiveSecurity

Facebook: No evidence attackers used stolen access tokens on third-party sites

Facebook has announced that it found no evidence that attackers had used stolen account access tokens on other websites or apps that enable users to access their accounts using Facebook Login. This ...
PC World

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become ...
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft ...
AppleInsider

How Apple could kill CAPTCHAs with Private Access Tokens

Apple demoed technology at WWDC 2022 called Private Access Tokens — and they could potentially kill CAPTCHAs once and for all. Private Access Tokens (PAT) can prove when an HTTP request is coming from ...
glamsham.com

Hackers stole customer access tokens from Okta’s support unit, admits firm

Identity and access company Okta has identified “adversarial activity” that leveraged access to a stolen credential to access Okta’s support case management system. The threat actor was able to view ...
Forbes

What Are DApp Tokens?

A decentralized application (dApp) token coordinates activity for applications running on top of blockchains that provide services such as trading and lending, data storage, and even publishing blogs.
TechCrunch

Okta says hackers stole customer access tokens from support unit

Identity and access giant Okta said a hacker broke into its customer support ticket system and stole sensitive files that can be used to break into the networks of Okta’s customers. Okta chief ...