%term

How We Got a CISA GitHub Leak Taken Down in Under a Day

May 19, 2026 By Guillaume Valadon In GitGuardian

On May 14, GitGuardian found a public GitHub repository called "Private-CISA" — 844 MB of plain-text passwords, AWS tokens, and Entra ID SAML certificates belonging to CISA, exposed since November 2025. Some credentials were still valid. CISA pulled it offline within 26 hours.

Read Post

GitGuardian

Read more about How We Got a CISA GitHub Leak Taken Down in Under a Day

San Francisco Secure Software and AppSec Summit 2026: The Next AppSec Operating Model

May 18, 2026 By Dwayne McDaniel In GitGuardian

Security leaders at this SF area Summit examined AI agent risk, dependency governance, stale infrastructure, and the future of secure software.

Read Post

GitGuardian

Read more about San Francisco Secure Software and AppSec Summit 2026: The Next AppSec Operating Model

81% Surge in AI-Service Secret Leaks

May 18, 2026 By GitGuardian In GitGuardian

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

View Video

GitGuardian

Read more about 81% Surge in AI-Service Secret Leaks

28% of secret incidents didn't originate in code at all

May 16, 2026 By GitGuardian In GitGuardian

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

View Video

GitGuardian

Read more about 28% of secret incidents didn't originate in code at all

The GitGuardian Secret Detection Engine Just Got 43X Faster Thanks To Rust

May 13, 2026 By GitGuardian In GitGuardian

While not a new feature, the GitGuardian team has been hard at work making updates to our TokenScanner, the underlying engine that powers GitGuardian's secret scanning ability. This is great news for folks dealing with very large repos and legacy platforms that thousands of developers have touched over the years. Scanning millions of files, attachments, commits, and anywhere else secrets might be hiding takes minutes. Historical scans across petabytes of information, which used to take days, now take less than an hour. What used to take hours takes a few short minutes.

View Video

GitGuardian

Read more about The GitGuardian Secret Detection Engine Just Got 43X Faster Thanks To Rust

64% of valid secrets GitGuardian tested in 2022 are still valid in 2026

May 13, 2026 By GitGuardian In GitGuardian

Read the full report here (no email sign up required).

View Video

GitGuardian

Read more about 64% of valid secrets GitGuardian tested in 2022 are still valid in 2026

28,649,024 new secrets detected in public GitHub commits in 2025 by GitGuardian

May 13, 2026 By GitGuardian In GitGuardian

Download the report now, not gated: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

View Video

GitGuardian

Read more about 28,649,024 new secrets detected in public GitHub commits in 2025 by GitGuardian

AI Agents Security for Developers: Don't Let Your Agents Become a Liability

May 12, 2026 By Thomas Segura In GitGuardian

Using Cursor, GitHub Copilot, Claude Code, Codex, or another coding agent means giving software access to more than your code. It can also see the credentials available in your workspace, shell, config files, and development environment.

Read Post

GitGuardian

Read more about AI Agents Security for Developers: Don't Let Your Agents Become a Liability

GitGuardian Now Flags Admin and Overprivileged Identities Across AWS, Entra, and Okta

May 11, 2026 By Soujanya Ain In GitGuardian

GitGuardian's NHI Governance now adds privilege context to leaked secrets, auto-escalating admin-level risks for smarter prioritization across AWS, Entra, and Okta. Discover how admin badges and overprivilege detection cut through noise to focus on true blast radius.

Read Post