OAuth-based attacks on GitHub repositories are spreading rapidly and are a growing threat: attackers trick users into granting excessive permissions to malicious apps, which then compromise sensitive information and alter code. The attack exploits the trust users place in security notifications, using fake security alerts to hijack accounts and repositories. OAuth integrations simplify authentication, but they carry risk when not properly managed, because most security teams lack visibility into which third-party apps have access to their repositories and what level of control those apps have. Veza is a solution that offers complete visibility into OAuth permissions, continuous monitoring for unusual behavior, least-privilege enforcement, automated auditing and compliance, and protection against supply chain attacks, helping developers and security teams secure their GitHub repositories and prevent malicious OAuth-based attacks.