Fetching from the wire…
Public story · 2026-03-15 · source-backed
Stolen GitHub tokens from the 2025 nx npm breach were used to exploit OIDC trust relationships, creating admin IAM roles and achieving full cloud access. AI coding agents with authenticated tooling materially accelerate lateral movement in this attack class. The Hacker News
Each link below shares sources, entities, or timing with this story.
Shared entities / Same source domain / Shared topic / Earlier coverage
Both cover IAM, The Hacker News; reported by the same outlet (thehackernews.com); overlapping topics (access, agent).
Shared entity: Hours / Same source domain / Shared topic / What happened next
Both cover Hours; reported by the same outlet (thehackernews.com); overlapping topics (cloud, exploit, hour).
Shared entities / Same source domain / What happened next
Both cover IAM, The Hacker News; reported by the same outlet (thehackernews.com); picks up the IAM thread on 2026-06-14.
Both cover Hours, The Hacker News; reported by the same outlet (thehackernews.com); picks up the Hours thread on 2026-05-10.
Shared entities / Shared topic / What happened next
Both cover Hours, OIDC; overlapping topics (attack, hour); picks up the Hours thread on 2026-04-02.
Shared entity: The Hacker News / Same source domain / Shared topic / Earlier coverage
Both cover The Hacker News; reported by the same outlet (thehackernews.com); overlapping topics (access, agent, attack).
Shared entity: Hours / Same source domain / Shared topic / What happened next
Both cover Hours; reported by the same outlet (thehackernews.com); overlapping topics (attack, hour).
Shared entity: The Hacker News / Same source domain / Shared topic / What happened next
Both cover The Hacker News; reported by the same outlet (thehackernews.com); overlapping topics (agent, attack).