source code

They Validated Your GitHub Tokens. Now They're Cloning Your Repos.

The token-checking campaign we warned about two weeks ago has entered phase two. Attackers are mass-cloning private repositories using stolen PATs. Your source code is walking out the door.