Secrets Security

04 May DevTap npm Typosquatting Attack: Six Malicious Packages Target Developer Workstations

Posted at 18:43h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

DevTap npm typosquatting attack used six malicious packages to spy on developer workstations and abuse npm trust....

Read More

27 Mar LiteLLM Attack: How Xygeni Stops Secret Exposure Fast

Posted at 14:27h in Attacks Analysis, Must Read, Secrets Security by Fátima Said 0 Comments

LiteLLM attack exposed critical secrets. See how Xygeni detects, verifies, and revokes credentials before attackers use them....

Read More

19 Nov Dockerfile Secrets: Why Layers Keep Your Sensitive Data Forever

Posted at 11:12h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

19 Nov Docker Build Args: The Hidden Vector for Secret Leaks in Images

Posted at 10:36h in Secrets Security by Carey M. Jackson 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

06 Nov C# Dictionary: The Subtle Bugs That Break Data Integrity

Posted at 15:16h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

03 Nov Serilog Pitfalls: When Logging Becomes a Data Leak

Posted at 10:00h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

01 Oct LDAP Port Misconfigs: How Groups and Bind Operations Break App Security

Posted at 09:25h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

30 Sep What “Has Been Pwned” Really Means for Developers

Posted at 10:10h in Secrets Security by Fátima Said 0 Comments

Learn what has been pwned means for developers, how a pwned checker works, and why secrets detection is key to prevention....

Read More

19 Sep Docker Secrets in CI/CD: Stop Leaking Sensitive Data

Posted at 13:58h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

15 Sep Why git log Still Shows Your Secrets: Git Commit History Never Forgets

Posted at 15:15h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

28 Aug Why Docker-compose.yml Is a Security Risk Surface?

Posted at 13:29h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More

25 Aug Exit Code -1 After a Git Push? It Might Be Your Secrets or Vulnerable Code

Posted at 12:03h in Secrets Security by Stefano Gasperi 0 Comments

Master IaC cyber security with proven infrastructure as code security practices. Prevent risks for Terraform, Kubernetes or CloudFormation....

Read More