all InfoSec news
Plugging secrets leaks requires holistic software and technology stack protection
ReversingLabs Blog blog.reversinglabs.com
Secrets leaks have become a disturbing trend on GitHub, and may pose a serious risk to your organization's software supply chain. Developers are leaving secrets such as login credentials, API keys, SSH keys, encryption keys, and database passwords exposed in their code and comments. Unfortunately, those secrets are an integral part of any application — and a prime target for threat actors to discover when stored in code repositories.
api api keys application code code repositories comments credentials database developers discover encryption encryption keys exposed github keys leaks login login credentials may organization passwords prime protection repositories risk secrets secrets security serious software software supply chain software supply chain security ssh ssh keys supply supply chain target technology threat threat actors trend