helpnetsecurity.com – CircleCI breach was effected by stealing an engineer’s session cookie and using it to impersonate the employee in a remote location.
Tweeted by @helpnetsecurity https://twitter.com/helpnetsecurity/status/1614985052198166535
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie – Help Net Security