#PushProtection

Over 12 million auth secrets and keys leaked on GitHub in 2023

by

March 12, 2024 at 11:25AM GitGuardian reported that during 2023, 12.8 million sensitive secrets were accidentally exposed in over 3 million public repositories on GitHub, with the majority remaining valid after five days. The exposed secrets included account passwords, API keys, and certificates, posing significant security risks. The leakiest countries included India, the United States, … Read more

GitHub enables push protection by default to stop secrets leak

by

February 29, 2024 at 01:59PM GitHub has introduced push protection by default for all public repositories, preventing accidental exposure of secrets like access tokens and API keys during code pushes. The feature scans for over 200 token types and patterns from 180+ providers and allows users to remove or bypass detected secrets. Push protection is … Read more