AI-driven development fueled a surge in developer secrets leaks last year, with nearly 29m credentials discovered on public ...
AI code assistants are helping to leak more secrets than the Github baseline, with credentials the most at risk.
GitGuardian, the security leader behind GitHub's most installed application, today released the 5th edition of its “ State of ...
Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...
Some of the most significant software supply chain incidents over the past year were carried out by threat actors who exploited vulnerabilities in GitHub, the global repository widely used by software ...
Research found that 65% of the world’s most valuable AI firms accidentally exposed their most sensitive digital secrets on GitHub. These are industry titans with combined valuations exceeding $400 ...
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. The attack was discovered by ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results