#LeakyCLI

Cloud Users Warned of Data Exposure Risk From Command-Line Tools

by

April 16, 2024 at 11:00AM Cloud security firm Orca warned about how certain command-line tools from major cloud service providers expose sensitive information in the form of environment variables, posing security risks. Microsoft Azure, AWS, and Google Cloud confirmed the issue and provided guidance on safeguarding sensitive data. Orca discovered this issue impacting not just … Read more

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

by

April 16, 2024 at 10:36AM New cybersecurity research reveals that CLI tools from AWS and Google Cloud can expose sensitive credentials in build logs, posing risks to organizations. Microsoft has addressed the issue, while Amazon and Google consider it expected behavior, advising organizations to avoid storing secrets in environment variables and use dedicated secrets store … Read more