Bleeping Computer

The Double-Edged Sword of Non-Human Identities

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...
Bleeping Computer

GitHub enables push protection by default to stop secrets leak

GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code. Today's announcement comes ...
Cybernews

Researchers find hundreds of exposed API keys providing access to AWS, GitHub, Stripe, and OpenAI

The exposed keys belonged to major service providers such as AWS, Stripe, and GitHub, and the potential damage ranged from ...
Morning Overview on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...
InfoWorld

Sensitive access tokens and keys found in hundreds of Android apps

Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk. A new study performed by ...
CSOonline

AI programming copilots are worsening code security and leaking more secrets

Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security leaders must address as AI-generated code proliferates. AI coding assistants ...