Tag: leak
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
New York, NY, March 17th, 2026, CyberNewswire In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025…
-
GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
New York, NY, 17th March 2026, CyberNewswire First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/gitguardian-reports-an-81-surge-of-ai-service-leaks-as-29m-secrets-hit-public-github/
-
The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub
GitGuardian’s 5th State of Secrets Sprawl report is here. In this blog, we unpack the key findings behind the 2026 edition, from AI-driven leak growth to the remediation gaps security teams can’t ignore. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-state-of-secrets-sprawl-2026-ai-service-leaks-surge-81-and-29m-secrets-hit-public-github/
-
GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
New York, NY, 17th March 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/gitguardian-reports-an-81-surge-of-ai-service-leaks-as-29m-secrets-hit-public-github/
-
Hidden instructions in README files can make AI agents leak data
Developers rely on AI coding agents to set up projects, install dependencies, and run commands by following instructions in repository README files, which provide setup … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/17/ai-agents-readme-files-data-leak-security-risk/
-
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, CVE-2025-47813 (CVSS score: 4.3), is an information disclosure vulnerability that leaks the installation path of the application under certain conditions First seen on thehackernews.com…
-
Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter
AWS Bedrock AI tool flaw allows data leaks via DNS queries in AgentCore Code Interpreter sandbox, exposing sensitive cloud data, researchers warn. First seen on hackread.com Jump to article: hackread.com/data-leak-risk-in-aws-bedrock-ai-code-interpreter/
-
Android 17 Leaks Reveal Major Redesign, AI Features, and Privacy Upgrades
Android 17 beta is here. Here’s what is confirmed so far, what leaks suggest, and which rumored features may arrive later in 2026. The post Android 17 Leaks Reveal Major Redesign, AI Features, and Privacy Upgrades appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-17-leaks-features-beta-release-rumors/
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
OpenClaw AI Agents Vulnerable to Indirect Prompt Injection, Causing Data Leaks
OpenClaw AI agents are facing significant security scrutiny following a recent CNCERT warning about insecure defaults and prompt-injection vulnerabilities. The most critical risk for defenders is not just abstract model confusion, but the ability of an attacker to turn normal AI agent behavior into a silent data exfiltration pipeline. This highlights a growing problem where…
-
Payload Ransomware claims the hack of Royal Bahrain Hospital
The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrain Hospital (RBH) and stolen 110 GB of data. The ransomware gang added the healthcare facility to its Tor data leak site and published the images…
-
Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions
A vulnerability in Microsoft Authenticator for Android and iOS could expose login codes to malicious apps on the same device. Microsoft has released a patch. The post Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-authenticator-vulnerability-android-ios-login-codes/
-
England Hockey investigating ransomware data breach
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/england-hockey-investigating-ransomware-data-breach/
-
Microsoft Authenticator could leak login codes”, update your app now
A bug in Microsoft Authenticator on Android and iOS could allow malicious apps on the same device to intercept authentication codes or sign-in links. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/microsoft-authenticator-could-leak-login-codes-update-your-app-now/
-
ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data
ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid. First seen on hackread.com Jump to article: hackread.com/shinyhunters-hackers-threat-stolen-salesforce-data/
-
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own.But there is a problem. While these agents make work faster, they also open a new “back…
-
900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
A joint study by Google and GitGuardian reveals that over 2,600 valid TLS certificates, protecting Fortune 500 companies and government agencies, were compromised due to private key leaks on GitHub and DockerHub. First seen on hackread.com Jump to article: hackread.com/certificates-fortune-500-gov-exposed-key-leaks/
-
Challenges and projects for the CISO in 2026
Tags: access, ai, authentication, automation, awareness, cisco, ciso, cloud, communications, control, credentials, cybersecurity, data, defense, detection, edr, email, encryption, endpoint, finance, framework, group, identity, intelligence, leak, mobile, network, service, soc, sophos, strategy, technology, trainingHazel DÃez (Banco Santander), Roberto Lara (Vodafone), Marijus Briedis (NordVPN), Ãlvaro Fernández (Sophos), and Ãngel Ortiz (Cisco). Banco Santander, Vodafone, NordVPN, Sophos y Cisco. Montaje: Foundry Against this backdrop, Cisco defines AI as “the fundamental technology that will set the cybersecurity agenda in 2026,” in the words of Ortiz, who refers to the company’s Integrated…
-
Cryptohack Roundup: Ariomex Leak Flags Iran Sanction Risks
Also: US’ Multi-Million Dollar Scam Funds Seizure. Iran exchange leak raises sanctions risks, $580M frozen in scam crackdown, $61M romance scam funds seized, feds seek $327K in dating scam case, Russia exploit broker sanctioned, South Korean wallet recovery phrase exposure and arrest in custody bitcoin theft, Axiom data misuse and Uniswap lawsuit ends. First seen…
-
Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum
The Federal Bureau of Investigation seized the LeakBase cybercrime forum in an international crackdown led by Europol. The Federal Bureau of Investigation seized the LeakBase cybercrime forum (leakbase[.]la), a platform used to trade hacking tools and stolen data. The action formed part of “Operation Leak,” an international effort coordinated by Europol involving authorities from 14…
-
Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum
The Federal Bureau of Investigation seized the LeakBase cybercrime forum in an international crackdown led by Europol. The Federal Bureau of Investigation seized the LeakBase cybercrime forum (leakbase[.]la), a platform used to trade hacking tools and stolen data. The action formed part of “Operation Leak,” an international effort coordinated by Europol involving authorities from 14…
-
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97% remediation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/2622-valid-certificates-exposed-a-google-gitguardian-study-maps-private-key-leaks-to-real-world-risk/
-
Operation Leak: Authorities Dismantle LeakBase Forum, Secure User Data and IP Logs
The FBI, working alongside international law enforcement agencies, has successfully dismantled the notorious cybercriminal forum LeakBase. Dubbed >>Operation Leak,<< this coordinated global effort resulted in the seizure of the platform's domains and its underlying infrastructure. LeakBase was a prominent online destination where cybercriminals gathered to buy, sell, and trade stolen databases, corporate data, and personal…