Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > Novo Nordisk Breach Highlights Software Development Pipeline Risk

Novo Nordisk Breach Highlights Software Development Pipeline Risk

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem.

A recent — and likely massive — breach at Novo Nordisk, where attackers reportedly gained an initial foothold using a single GitHub access token, underscores how code repositories and developer environments have become ground zero for attackers seeking intellectual property, credentials, and software supply chain assets.

Novo Nordisk, the Danish pharmaceutical giant behind blockbuster drugs Ozempic and Wegovy, disclosed the breach June 11 after detecting unauthorized access to what it claimed were a "limited number of its internal IT systems."  More here

Similar Stories

A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data. More...

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks. More...

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

Have your say

 

News Categories

A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data. More...

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks. More...

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Follow Us

This website is powered by
ToucanTech