%term

LLMs go around that security constraint and hardcode secrets

Jun 3, 2026 By GitGuardian In GitGuardian

If the LLM hits a security constraint that’s in the way of delivering what you asked for, it will silently fail. It will go around that security constraint and hardcode secrets.

View Video

GitGuardian

Read more about LLMs go around that security constraint and hardcode secrets

Four Credential-Harvesting Campaigns Hit Open Source Ecosystems in Two Weeks

Jun 3, 2026 By Anna Nabiullina In GitGuardian

The pace is not slowing down. Between May 18 and June 1, 2026, four distinct supply chain campaigns swept through npm, PyPI, Crates.io, GitHub Actions, and Composer.

Read Post

GitGuardian

Read more about Four Credential-Harvesting Campaigns Hit Open Source Ecosystems in Two Weeks

How We Migrated the Heart of Our Platform to Rust

Jun 1, 2026 By Kevin Westphal In GitGuardian

By rewriting our secret detection engine in Rust, we made our engine more than three times as fast. But not without making it four times slower along the way.

Read Post

GitGuardian

Read more about How We Migrated the Heart of Our Platform to Rust

GitGuardian's VS Code Extension Just Made It Even Easier To Fight Secrets Sprawl

Jun 1, 2026 By GitGuardian In GitGuardian

We are excited to announce the release of the GitGuardian Visual Studio Code Extension version 0.23.0! Aside from updating the tool to use the latest version of ggshield, it now can show all findings in a convenient list view int he primary sidebar.

View Video

GitGuardian

Read more about GitGuardian's VS Code Extension Just Made It Even Easier To Fight Secrets Sprawl

From Trivy to Telnex...A malware in the supply chain timeline

Jun 1, 2026 By GitGuardian In GitGuardian

http://youtube.com/watch

View Video

GitGuardian

Read more about From Trivy to Telnex...A malware in the supply chain timeline

Initial Access Changed, The Attack Path Did Not: Findings From The Verizon 2026 DBIR

May 28, 2026 By Dwayne McDaniel In GitGuardian

This year's report shows how credential sprawl across DevOps, SaaS, CI/CD, the cloud, and developer laptops turns initial access into operational impact.

Read Post

GitGuardian

Read more about Initial Access Changed, The Attack Path Did Not: Findings From The Verizon 2026 DBIR

New in ggshield 1.51: Codex Hooks, MCP Discovery, and SLSA Provenance

May 28, 2026 By GitGuardian In GitGuardian

ggshield 1.51 is here with better support for AI-powered development and browser-less environments. This release adds Codex hook support, MCP server detection across Claude and Cursor, and `ggshield auth login --method oob` for SSH sessions and headless servers. It also strengthens trust in the ggshield supply chain with GitHub Artifact Attestations for release binaries, improves plugin management through your authenticated GitGuardian instance, adds a `vscode` alias for Copilot hook installation, and shows workspace ID in `ggshield api-status`.

View Video

GitGuardian

Read more about New in ggshield 1.51: Codex Hooks, MCP Discovery, and SLSA Provenance

Every attack was some kind of refinement based on the other ideas.

May 28, 2026 By GitGuardian In GitGuardian

https://www.youtube.com/watch

View Video

GitGuardian

Read more about Every attack was some kind of refinement based on the other ideas.

Claude Code Co-authored Commits Leak Secrets At 2× The Baseline

May 27, 2026 By GitGuardian In GitGuardian

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

View Video

GitGuardian

Read more about Claude Code Co-authored Commits Leak Secrets At 2× The Baseline

GitGuardian Just Gave AI Coding Agents Secret Detection Skills

May 27, 2026 By GitGuardian In GitGuardian

AI coding assistants like Claude Code and Cursor are helping developers write more code faster, but that also means more chances for secrets to slip into prompts, files, commits, and tool outputs. GitGuardian’s new open-source **agent-skills** repository teaches AI agents how to use **ggshield** directly inside the developer workflow: when to scan, how to read findings, and how to guide remediation for leaked credentials.

View Video

GitGuardian

Read more about GitGuardian Just Gave AI Coding Agents Secret Detection Skills

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

LLMs go around that security constraint and hardcode secrets

Four Credential-Harvesting Campaigns Hit Open Source Ecosystems in Two Weeks

How We Migrated the Heart of Our Platform to Rust

GitGuardian's VS Code Extension Just Made It Even Easier To Fight Secrets Sprawl

From Trivy to Telnex...A malware in the supply chain timeline

Initial Access Changed, The Attack Path Did Not: Findings From The Verizon 2026 DBIR

New in ggshield 1.51: Codex Hooks, MCP Discovery, and SLSA Provenance

Every attack was some kind of refinement based on the other ideas.

Claude Code Co-authored Commits Leak Secrets At 2× The Baseline

GitGuardian Just Gave AI Coding Agents Secret Detection Skills

Monthly Archive

Follow Us