Early Lessons from the Sisense Breach
Business intelligence company Sisense has seen secrets compromised in its GitLab repositories, leading to a siphoning of its customers' sensitive data.
The Open-Source Backdoor That Almost Compromised SSH
The open-source world narrowly escaped a sophisticated supply-chain attack that could have compromised countless systems. A stark reminder of the necessity of vigilant monitoring and rigorous vetting within the open-source ecosystem to maintain trust and security.
![SOPS [Security Zines]](/content/images/size/w600/2024/03/SOPS-Security-Zine.png)
SOPS [Security Zines]
Enjoy the power of SOPS to secure your secrets with this new zine!
The State of Secrets Sprawl 2024
The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices.
GitHub's Default Push Protection: Enhancing Open-Source Security with Limitations to Consider
GitHub's Push Protection is now enabled by default for all public repositories, a big milestone for open-source security! Find out the key points you need to keep in mind before using it to safeguard your code repositories.
Cybersecurity in Healthcare: Beyond the Myths
The healthcare industry, holding a treasure trove of valuable data, finds itself at a pivotal point in its fight against cyber threats. This sector, harassed by cybercriminals, has endured the highest average costs due to breaches for over a decade.
The Secret's Out: How Stolen Okta Auth Tokens Led to Cloudflare Breach
Cloudflare experienced a security breach when its internal systems were compromised, leading to unauthorized access to sensitive data. Another incident highlights the importance of maintaining strict secrets security across the supply chain.
Leading Machine Learning Innovations at GitGuardian
Discover Arnault's journey as lead ML engineer at GitGuardian, tackling complex data science challenges and secrets management in cybersecurity.
![Has My Secret Leaked? [Security Zines]](/content/images/size/w600/2024/01/Security-Z.png)
Has My Secret Leaked? [Security Zines]
A new comic strip to better grasp the simple but effective way HasMySecretLeaked checks your secrets without asking you to reveal them!
Understanding the Risks of Long-Lived Kubernetes Service Account Tokens
Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.
AI and Cybersecurity in 2024 - What's Changing and Why It Matters
Tired of the AI hype? We get it. Our latest blog takes a no-nonsense look at AI in 2024's cybersecurity – just the facts and some thoughtful insights. No earth-shattering revelations, just a decent read for your coffee break.
Are the Fears about the EU Cyber Resilience Act Justified?
Discover the inner workings of the recently implemented Cyber Resilience Act (CRA) in the EU and explore why this framework has raised concerns about jeopardizing the open-source ecosystem. Join us in our latest blog post to delve into this important topic.
