ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
GitHub

Thereallo1026/OpenRouter-API-Scanner

As of August 21, 2024, GitHub has enabled push protection to prevent API key leakage, which could significantly impact this repository. Note As of March 11, 2024, secret scanning and push protection ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
GitHub

Grok4Git: AI-Powered GitHub Management with Grok from xAI

## 🔧 Setup **Set up environment variables**: Create a `.env` file in your project directory or set environment variables: ```env XAI_API_KEY=your_xai_api_key_here ...
Bleeping Computer

GitHub expands security tools after 39 million secrets leaked in 2024

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...
SecurityWeek

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack

Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.
Threat Post

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of ...

PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...