We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.
Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.
Experience the heat of innovation at BSides Las Vegas 2024, where cybersecurity experts tackle AI security, passwordless solutions, and zero-downtime credential rotation.
The New York Times had their entire codebase leaked. In this article we explore what was inside that code, how the leak happened and what the risk for the New York Times going forward is. (Spoiler we found thousands of secrets).
DevSecOps Engineer Gene Gotimer explains why constant software dependency updates are crucial for security in DevSecOps practices.
What does Agile have to do with improving security? A lot! Explore highlights from Agile2024, including technical health, productive meetings, and addressing shadow IT.
Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.
Upgrade your PostgreSQL instance to the newest version with confidence! In this benchmarking blog post, we show you the performance improvements you can expect when upgrading from PostgreSQL 13 to 16.
Explore key insights from CodeSecDays 2024 on software supply chain security. Learn about AI in DevSecOps, SLSA frameworks, developer-security collaboration, and secrets management. Discover strategies for a more secure digital future.
Secrets in collaboration tools are becoming prime targets for attackers. Reduce your attack surface by extending GitGuardian automated secrets detection capabilities to Slack, Jira, Confluence, or Microsoft Teams. Ensure security wherever your teams collaborate!
Enhance your secrets remediation process with GitGuardian’s new features: pinpoint the locations needing code fixes and track the progress in real time. Discover how these tools can boost efficiency, enhance collaboration, and shorten remediation times.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
