Threat actors that compromised two OAuth integrators could potentially penetrate cloud systems

Covers a security incident where stolen OAuth tokens from Heroku and Travis-CI were used to breach private code repositories hosted on GitHub.