[stub for offtopicness] (title fixed now)

erikerikson · 2025-10-02T17:04:26 1759424666

"Correction: After publishing, Red Hat confirmed that it was a breach of one of its GitLab instances, and not GitHub. Title and story updated."

Title needs updating

stingrae · 2025-10-02T16:56:51 1759424211

Correction Posted: "After publishing, Red Hat confirmed that it was a GitLab account breach, not GitHub."

sateesh · 2025-10-02T17:06:46 1759424806

It's GitLab not GitHub

jmclnx · 2025-10-02T13:57:36 1759413456

[flagged]

reactordev · 2025-10-02T14:40:55 1759416055

>”They allegedly found authentication tokens, full database URIs, and other private information in Red Hat code and CERs, which they claimed to use to gain access to downstream customer infrastructure.”

They published CERs somewhere that had access keys and urls. Probably to somewhere that it wasn’t authorized to be published or shared and they got a hold of it. Using that, they got a hold of everything else. More CERs, GitHub repos using access tokens, vpn credentials to all the hottest players. At this point, you’d have to tear down and rebuild to undo the damage. Rotating certs, keys, IP’s, the whole nine yards.

jasonjmcghee · 2025-10-02T14:10:33 1759414233

Sounds like they got their hands on authentication tokens. Through RedHat, not GitHub.

tzs · 2025-10-02T14:36:43 1759415803

It looks to me like the article is talking about authentication tokens that they found in the data they took from the breach.