Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

ggshield 1.51 is here with better support for AI-powered development and browser-less environments. This release adds Codex hook support, MCP server detection across Claude and Cursor, and `ggshield auth login --method oob` for SSH sessions and headless servers. It also strengthens trust in the ggshield supply chain with GitHub Artifact Attestations for release binaries, improves plugin management through your authenticated GitGuardian instance, adds a `vscode` alias for Copilot hook installation, and shows workspace ID in `ggshield api-status`.

https://www.youtube.com/watch

AI coding assistants like Claude Code and Cursor are helping developers write more code faster, but that also means more chances for secrets to slip into prompts, files, commits, and tool outputs. GitGuardian’s new open-source **agent-skills** repository teaches AI agents how to use **ggshield** directly inside the developer workflow: when to scan, how to read findings, and how to guide remediation for leaked credentials.

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

In this interview, GitGuardian security researcher Guillaume Valadon breaks down how GitGuardian discovered a public GitHub repository exposing CISA-related secrets, including plain-text passwords, AWS tokens, SAML certificates, CI/CD files, Kubernetes manifests, and internal operational documentation. We discuss how the leak was identified, why exposed secrets can create immediate risk, and how GitGuardian helped escalate the disclosure until the repository was taken offline within 26 hours.

"Malware is created by criminals. They are intending to cause harm. It is not hypothetical. They want you to consume it for nefarious purposes.".