all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Leaving Authentication Credentials in Public Code

Add to bookmarks
Nov. 16, 2023, 12:10 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code:


Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret. Many secrets were leaked more than once, bringing the total number of exposed secrets to almost 57,000...

article authentication code code repository credentials gitguardian language official programmers programming programming language projects public pypi python repository researchers secrets security software software code vulnerability week

Visit resource

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Emotional Support Squid 1 day, 12 hours ago | www.schneier.com
animal arms blogging can +5
FBI Seizes BreachForums Website 1 day, 22 hours ago | www.schneier.com
access addresses backend breachforums +25
Zero-Trust DNS 2 days, 22 hours ago | www.schneier.com
client development devices dns +21
Upcoming Speaking Engagements 4 days, 17 hours ago | www.schneier.com
current list may page +6
Another Chrome Vulnerability 4 days, 23 hours ago | www.schneier.com
anonymous aware chrome chrome vulnerability +13
LLMs’ Data-Control Path Insecurity 5 days, 22 hours ago | www.schneier.com
amp back box computer security +18
Friday Squid Blogging: Squid Mating Strategies 1 week, 1 day ago | www.schneier.com
blog blogging can guidelines +8
New Attack Against Self-Driving Car AI 1 week, 1 day ago | www.schneier.com
academic papers artificial intelligence attack cameras +15
How Criminals Are Using Generative AI 1 week, 2 days ago | www.schneier.com
adoption ai technologies ai tools artificial intelligence +20

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España
View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania
View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States
View on infosec-jobs.com