A Mini Shai-Hulud Targeting the SAP Ecosystem
7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP's Node.js packages — and it's still active. Here's what GitGuardian found.
The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords
LLMs leave statistical fingerprints in the passwords they generate. We built a 100-year-old model to find them and detected 28,000 in the wild.
@bitwarden/cli - GitGuardian Views on helloworm00
GitGuardian analysis of the @bitwarden/cli compromise: GitHub used as C2, new Cloudflare exfiltration domain found, linked to April 22 Checkmarx KICS compromise via Dependabot.
Vercel April 2026 Incident: Non-Sensitive Environment Variables Need Investigation Too
Vercel's Context.ai breach exposed environment variables that weren't marked sensitive. Learn how to pull and scan your secrets with GitGuardian.
Renovate & Dependabot: The New Malware Delivery System
Recent supply chain attacks stayed live for hours. Automation tools silently merged their malware in minutes. Read how upgrade bots and AI agents became the insider threat.
The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub
GitGuardian’s 5th State of Secrets Sprawl report is here. In this blog, we unpack the key findings behind the 2026 edition, from AI-driven leak growth to the remediation gaps security teams can’t ignore.
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97% remediation.
OpenClaw (Moltbot) Personal Assistant Goes Viral – And So Do Your Secrets
Early 2026, Moltbot a new AI personal assistant went viral. GitGuardian detected 200+ leaked secrets related to it, including from healthcare and fintech companies. Our contribution to Moltbot: a skill that turns secret scanning into a conversational prompt, letting users ask "is this safe?"
![Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]](https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/size/w600/2025/11/shai-hulud--2--1.png)
Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens.
From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting
We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.
How Cybercriminal Organizations Weaponize Exposed Secrets
The threat GitGuardian has long-anticipated is now a reality: criminal groups are executing systematic attacks targeting hardcoded credentials and over-permissive IAM configurations. The situation escalated when Shiny Hunters and Crimson Collective formed an alliance to coordinate efforts.
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated 3,325 secrets, including PyPI, npm, and DockerHub tokens via HTTP POST requests to a remote endpoint.
