Surviving the GitHub OAuth hack – remediating thousands of hardcoded credentials

3 points by lumberjack24 ↗ HN
While going through other HN threads, I noticed many participants in the discussions recommend that organizations noticing suspicious repo cloning activity start scanning source code for credentials. This is a great advice to limit the damage.

But where do you start when you find thousands of secrets exposed?

1 comment

[ 8.1 ms ] story [ 15.5 ms ] thread