%term

Claude Code Co-authored Commits Leak Secrets At 2× The Baseline

May 27, 2026 By GitGuardian In GitGuardian

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

View Video

GitGuardian

Read more about Claude Code Co-authored Commits Leak Secrets At 2× The Baseline

BSides312 2026: Security Basics Under New Pressure

May 25, 2026 By Dwayne McDaniel In GitGuardian

In an AI-assisted development era, the third edition of BSides312 showed why trust, identity, access, evidence, and community remain core to security work.

Read Post

GitGuardian

Read more about BSides312 2026: Security Basics Under New Pressure

Grafana and GitHub Breached: The Risk When Private Code Leaks

May 22, 2026 By Gaetan Ferry In GitGuardian

Code from GitHub and Grafana is in criminal hands. Secrets buried inside could open doors no one is thinking of protecting yet, and AI will make hunting 0-days in that private code faster than ever.

Read Post

GitGuardian

Read more about Grafana and GitHub Breached: The Risk When Private Code Leaks

Leaked Kubernetes Secrets: Impact Assessment and Mitigation Strategies

May 20, 2026 By Guillaume Valadon In GitGuardian

A single leaked Kubernetes credential rarely stays in the cluster. It opens the registry credentials, private Docker images, and private GitHub repositories behind it. In Q1 2026 alone, our detectors caught close to 2,000 new such leaks on GitHub, 28% valid at leak time.

Read Post

GitGuardian

Read more about Leaked Kubernetes Secrets: Impact Assessment and Mitigation Strategies

An inside look at finding Leaked CISA AWS GovCloud Admin Keys on Github

May 20, 2026 By GitGuardian In GitGuardian

In this interview, GitGuardian security researcher Guillaume Valadon breaks down how GitGuardian discovered a public GitHub repository exposing CISA-related secrets, including plain-text passwords, AWS tokens, SAML certificates, CI/CD files, Kubernetes manifests, and internal operational documentation. We discuss how the leak was identified, why exposed secrets can create immediate risk, and how GitGuardian helped escalate the disclosure until the repository was taken offline within 26 hours.

View Video

GitGuardian

Read more about An inside look at finding Leaked CISA AWS GovCloud Admin Keys on Github

Malware is created by criminals

May 20, 2026 By GitGuardian In GitGuardian

"Malware is created by criminals. They are intending to cause harm. It is not hypothetical. They want you to consume it for nefarious purposes.".

View Video

GitGuardian

Read more about Malware is created by criminals

How We Got a CISA GitHub Leak Taken Down in Under a Day

May 19, 2026 By Guillaume Valadon In GitGuardian

On May 14, GitGuardian found a public GitHub repository called "Private-CISA" — 844 MB of plain-text passwords, AWS tokens, and Entra ID SAML certificates belonging to CISA, exposed since November 2025. Some credentials were still valid. CISA pulled it offline within 26 hours.

Read Post