#SecuredVariables

Bitbucket artifact files can leak plaintext authentication secrets

May 21, 2024 by Xynik

May 21, 2024 at 04:01PM The issue involves threat actors breaching AWS accounts by exploiting plaintext AWS authentication secrets leaked in Atlassian Bitbucket artifacts. Mandiant discovered this during an investigation and highlighted how seemingly secured data can be exposed in public repositories, jeopardizing security. Developers are cautioned to review artifacts and deploy code scanning to … Read more

Atlassian Bitbucket artifacts can leak plaintext auth secrets

May 21, 2024 by Xynik

May 21, 2024 at 03:06PM Threat actors breached AWS accounts using leaked plaintext authentication secrets in Atlassian Bitbucket artifacts. Mandiant discovered this issue in the context of an investigation, highlighting the potential leakage of secured data in public repositories. Bitbucket’s secured variables encrypt sensitive information, but Mandiant found that artifact objects can contain plaintext secured … Read more