%term

Credential management for AI agents

May 7, 2026 By Rachel Sudbeck In 1Password

The proliferation of credentials outside centralized visibility and control is known as “credential sprawl,” and attackers are eager to take advantage of it. Unfortunately, credential management is a broad problem that only grows in complexity as organizations add new tools, employees, and partners.

Read Post

1Password

Read more about Credential management for AI agents

GitGuardian Can Now Monitor Your Gerrit Repositories To Help You Fight Secrets Sprawl

Apr 23, 2026 By GitGuardian In GitGuardian

In this video, Romain Jouhannet, Product Manager at GitGuardian, talks with Dwayne McDaniel, Developer Advocate at GitGuardian about the platform's new native support for Gerrit as a VCS source. Gerrit is widely used for enterprise code review workflows, often hosting sensitive internal repositories. You can now connect your Gerrit instance to GitGuardian to detect secrets exposed across your repositories and commit histories, with the same experience as our other VCS integrations.

View Video

GitGuardian

Read more about GitGuardian Can Now Monitor Your Gerrit Repositories To Help You Fight Secrets Sprawl

Hardcoding Security into Every Commit: The Future of Snyk Secrets

Apr 23, 2026 By Kate Powers Burke In Snyk

In the modern software development lifecycle, the speed of innovation is often at odds with the security of our most sensitive data. As organizations embrace cloud-native development and AI-generated code, they face a phenomenon known as “secret sprawl”, aka, the uncontrolled and widespread distribution of API keys, passwords, and tokens across repositories, CI/CD logs, and developer collaboration tools.

Read Post

Snyk

Read more about Hardcoding Security into Every Commit: The Future of Snyk Secrets

The State of Secrets Sprawl 2026: Expert Panel - April 7, 2026

Apr 13, 2026 By GitGuardian In GitGuardian

GitGuardian’s 2026 State of Secrets Sprawl Report reveals a 34% increase of new hardcoded secrets were exposed on public GitHub in 2025. Join us to discuss the number and types of secrets we discovered, and other key findings, with our expert panel!

View Video

GitGuardian

Read more about The State of Secrets Sprawl 2026: Expert Panel - April 7, 2026

Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026

Apr 1, 2026 By Gaetan Ferry In GitGuardian

What resonated most at RWC 2026? GitGuardian highlights key research on private key leaks, password managers, trusted execution environments, and secret sprawl.

Read Post

GitGuardian

Read more about Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026

Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most

Mar 24, 2026 By Guillaume Valadon In GitGuardian

The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions tag hijack. What started as a compromise of trivy-action, setup-trivy, and the v0.69.4 release has expanded into malicious Docker Hub images.

Read Post

GitGuardian

Read more about Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most

The Library That Holds All Your AI Keys Was Just Backdoored: The LiteLLM Supply Chain Compromise

Mar 24, 2026 By Ben Hirschberg In ARMO

We just published a deep breakdown of the Trivy supply chain attacks yesterday. Twenty-four hours later, we’re writing about the next one. Same threat actor. Different target. Worse implications. This time it’s LiteLLM, the Python library that acts as a universal API gateway for over 100 LLM providers. If you’re building anything with AI agents, MCP servers, or LLM orchestration, there’s a good chance LiteLLM is somewhere in your dependency tree.

Read Post

ARMO

Read more about The Library That Holds All Your AI Keys Was Just Backdoored: The LiteLLM Supply Chain Compromise

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

Mar 17, 2026 By GitGuardian In GitGuardian

In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical.

Read Post

GitGuardian

Read more about GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Mar 17, 2026 By Anna Nabiullina In GitGuardian

GitGuardian’s 5th State of Secrets Sprawl report is here. In this blog, we unpack the key findings behind the 2026 edition, from AI-driven leak growth to the remediation gaps security teams can’t ignore.

Read Post

GitGuardian

Read more about The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Protecting Developers Means Protecting Their Secrets

Mar 3, 2026 By Dwayne McDaniel In GitGuardian

Secrets don’t just leak from Git. They accumulate in filesystems, env vars, and agent memory. See how to find them, stop the bleed, and protect your whole supply chain.

Read Post

GitGuardian

Read more about Protecting Developers Means Protecting Their Secrets

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Credential management for AI agents

GitGuardian Can Now Monitor Your Gerrit Repositories To Help You Fight Secrets Sprawl

Hardcoding Security into Every Commit: The Future of Snyk Secrets

The State of Secrets Sprawl 2026: Expert Panel - April 7, 2026

Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026

Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most

The Library That Holds All Your AI Keys Was Just Backdoored: The LiteLLM Supply Chain Compromise

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Protecting Developers Means Protecting Their Secrets

Monthly Archive

Follow Us