![Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]](/content/images/size/w600/2025/11/shai-hulud--2--1.png)
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens.
GitGuardian is moving! We are happy to share with you some pictures of our great new offices in Paris city center.
GitGuardian is now a verified CircleCI technological partner. Use the ggshield orb to run automated secrets detection and remediation in your CircleCI workflows.
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.
In this tutorial, we will show how to integrate GitGuardian Shield to run on one of the most famous CI tools: Jenkins (with a cool bonus!).
Attackers have used stolen OAuth tokens issued to Travis CI and Heroku to gain access to private git repositories on GitHub. Here we take a look at exactly what happened, why it's significant, and how to mitigate the issue.
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.
![Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]](/content/images/size/w600/2022/04/22W15-blog-SecurityZines-Compromising_CICD_pipelinesnal.jpg)
He struck again! New Security Zine, this time focusing on how leaked Jenkins credentials can lead to a complete supply chain takeover...
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Redis database credentials.
In their latest white paper, GitGuardian examines why implementing DevSecOps at scale to protect the modern software factory means evolving traditional AppSec. Read more to learn how the shared responsibility model adoption will unlock security in an agile world.
Lapsus$ has continued its prolific pace of breaches now leaking internal source code from 250 Microsoft projects. GitGuardian analyzed the code looking for secrets sprawl.
![Secrets in Git Repos [Security Zines]](/content/images/size/w600/2022/03/22W10-blog-securityzines-1-1.jpg)
Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
