Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev

OAuth tokens have been abused for intrusions at least two other companies, Dave.com and Flood.io.