#github-security

[ follow ]
#api-keys #secret-leakage #llm-data-leakage #oauth-abuse #third-party-app-governance #secrets-exposure
Information security
fromTheregister
1 week ago

AI companies keep publishing private API keys to GitHub

Major AI companies frequently leak API keys, tokens, and other credentials on public GitHub repositories, exposing models, training data, and organizational details.
Information security
fromInfoWorld
2 months ago

A wake-up call for identity security in devops

OAuth app permissions often lack centralized visibility and governance, enabling attackers to abuse authorized tokens to access code, secrets, and pivot across infrastructure.
Privacy technologies
fromArs Technica
4 months ago

GitHub abused to distribute payloads on behalf of malware-as-a-service

Malware-as-a-service operators have exploited GitHub to distribute malicious software, posing challenges for organizations relying on the platform.
[ Load more ]