Nov. 16, 2023, 12:10 p.m. | Bruce Schneier

Schneier on Security

Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code:

Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret. Many secrets were leaked more than once, bringing the total number of exposed secrets to almost 57,000...

article authentication code code repository credentials gitguardian language official programmers programming programming language projects public pypi python repository researchers secrets security software software code vulnerability week

Security Analyst Consultant

@ Kalles Group | Seattle Area

Principal Engineer - SecEng (Prisma Cloud Application Security)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

Privacy Officer BeNeLux

@ Wolters Kluwer | NLD - Alphen Aan Den Rijn

Senior Information Security Specialist :Threat Intelligence

@ NTT DATA | Johannesburg, South Africa

Cyber Security - SOC Analyst (L2)

@ WPP | Chennai

Cybersecurity Analyst - A&A Support

@ Maveris | Washington, District of Columbia, United States - Remote