#secrets-exposure

[ follow ]
#docker-hub #ai-api-keys #cloud-credentials #shadow-it #ai-security #github-leaks #vulnerability-disclosure
Information security
fromTechzine Global
2 days ago

Docker Hub contains treasure trove of 10,000+ images with exposed secrets

Over 10,000 Docker Hub images exposed live credentials, affecting 101 companies and risking cloud, AI, CI/CD, and database compromise.
Information security
fromIT Pro
1 month ago

GitHub is awash with leaked AI company secrets - API keys, tokens, and credentials were all found out in the open

65% of 50 examined AI companies leaked verified secrets on GitHub, often buried in deleted forks, gists, and developer repositories.
fromThe Hacker News
1 month ago

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

"A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base," Wiz security researcher Rami McCarthy said in a report shared with The Hacker News. "An attacker who discovered this issue would have been able to directly distribute malware to the cumulative 150,000 install base."
Information security
Information security
fromInfoWorld
3 months ago

A wake-up call for identity security in devops

OAuth app permissions often lack centralized visibility and governance, enabling attackers to abuse authorized tokens to access code, secrets, and pivot across infrastructure.
[ Load more ]