#secret-leakage
#secret-leakage

[ follow ]

AI companies keep publishing private API keys to GitHub

Major AI companies frequently leak API keys, tokens, and other credentials on public GitHub repositories, exposing models, training data, and organizational details.

Information security

fromInfoWorld

1 month ago

Threat actors are spreading malicious extensions via VS marketplaces

Over 500 Visual Studio extensions contained exposed access tokens and secrets, enabling potential exploitation across thousands of installs due to bundled dotfiles and hardcoded credentials.

Information security

fromTheregister

1 month ago

Devs of VS Code extensions are leaking secrets en masse

VS Code extensions frequently expose sensitive secrets, enabling potential large-scale supply chain attacks.

[ Load more ]

#secret-leakage#secret-leakage

AI companies keep publishing private API keys to GitHub

Threat actors are spreading malicious extensions via VS marketplaces

Devs of VS Code extensions are leaking secrets en masse

#secret-leakage
#secret-leakage