GitGuardian
Attackers already know the secrets are on your developers’ machines. Do you?
In a recent GitGuardian analysis, an average of 150 secrets were found on a sample of developer endpoints. Private keys accounted for 38% of unique secrets, while cloud, …
Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian
AI coding assistants are quickly becoming part of everyday development. Tools like Cursor, Claude Code, and GitHub Copilot can now do more than suggest code. They can read …
29 million leaked secrets in 2025: Why AI agents credentials are out of control
AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of …
TeamPCP’s attack spree slows, but threat escalates with ransomware pivot
TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and …
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded …
Why boards must prioritize non-human identity governance
Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the …
Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered …
What the GitGuardian secrets sprawl report reveals about leaked credentials
In this Help Net Security video, Dwayne McDaniel, Senior Developer Advocate at GitGuardian, presents findings from The State of Secrets Sprawl 2025. McDaniel explains why …
70% of leaked secrets remain active two years later
Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, …
Report: The State of Secrets Sprawl 2025
GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% …
Infosec products of the month: December 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Cato Networks, Datadog, Fortinet, GitGuardian, Horizon3.ai, Netwrix, …
What open source means for cybersecurity
With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to …
Featured news
Resources
Don't miss
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
- CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)