
Facebook and GitHub Come Together to Remove Leaked API Tokens

Secret scanning will scan your GitHub repository for any secrets.

Facebook's security team has officially partnered with the GitHub team to search for and invalidate Facebook API access tokens that have been accidentally uploaded and leaked inside GitHub repositories.

Both teams will work on the GitHub Secret Scanning project, a GitHub security feature that scans all new code uploaded to the GitHub platform for strings that look like passwords and access tokens. If a scan finds strings that match the API access token formats, GitHub sends an alert to the project owner or code developer about the exposure or leak.

GitHub has already added support for detecting Facebook API tokens, but with this new official partnership, GitHub will now also send details about exposed tokens to Facebook (or to Meta, Facebook's new corporate name).

“Access tokens with a valid session will be automatically invalidated,” a Meta spokesperson said today. “When an access token is invalidated, the app admin will be notified via the Developer Dashboard.”

This partnership will help developers prevent a heist scenario, as exposed Facebook tokens can be used to silently harvest Facebook data, extract personal information from a developer’s third-party Facebook app or game, or just send spam and malicious files to regular Facebook users.
