%term

How Attackers Use Developer Machines to Breach the Software Supply Chain - May 07, 2026

May 7, 2026 By GitGuardian In GitGuardian

In April, three major supply chain campaigns hit npm, PyPI, and Docker Hub in just 48 hours, and while the ecosystems were different, the objective was the same: steal credentials from developer environments and CI/CD pipelines. The malware targeted API keys, cloud credentials, SSH keys, GitHub tokens, npm tokens, environment variables, and more, turning developer machines and build systems into high-value credential vaults for attackers.

View Video

GitGuardian

Read more about How Attackers Use Developer Machines to Breach the Software Supply Chain - May 07, 2026

Meet GitGuardian's AI Assistant: Natural Language Queries Across All Your Incidents

May 7, 2026 By GitGuardian In GitGuardian

See how the GitGuardian Assistant helps teams investigate, understand, and remediate secret incidents directly from the GitGuardian workspace. In this preview, Mathieu and Dwayne walk through how the assistant uses incident context, workspace details, and GitGuardian documentation to answer questions, suggest next steps, and help manage incidents through natural language. It can explain threat patterns, assess scope and impact, recommend remediation steps, assign incidents, update tags, and propose changes to incidents.

View Video

GitGuardian

Read more about Meet GitGuardian's AI Assistant: Natural Language Queries Across All Your Incidents

Navigating With GitGuardian Workspace Quick Access

May 5, 2026 By GitGuardian In GitGuardian

GitGuardian Workspace Quick Access helps you move through the platform faster with one unified search experience. In this video, we walk through how to open Quick Access with Ctrl+K, or Cmd+K on Mac, search across platform pages and public documentation, navigate results with keyboard shortcuts, and jump directly to the section you need. Quick Access respects your permissions and workspace configuration, so results stay relevant to the pages, features, and docs available to you.

View Video

GitGuardian

Read more about Navigating With GitGuardian Workspace Quick Access

Previewing GitGuardian Developer Endpoint Protection

May 5, 2026 By GitGuardian In GitGuardian

We are excited to announce the private beta of our advancement in fighting secret sprawl and keeping your developers safe. GitGuardian Developer Endpoint Protection.

View Video

GitGuardian

Read more about Previewing GitGuardian Developer Endpoint Protection

Local Guardrails for Secrets Security in the Age of AI Coding Assistants

May 4, 2026 By Dwayne McDaniel In GitGuardian

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local controls reduce secrets risk.

Read Post

GitGuardian

Read more about Local Guardrails for Secrets Security in the Age of AI Coding Assistants

Identity Access Management Strategy for Non-Human Identities

Apr 30, 2026 By Anna Nabiullina In GitGuardian

Build an identity and access management strategy for non-human identities. Secure service accounts, workloads, and machine identities in the cloud.

Read Post

GitGuardian

Read more about Identity Access Management Strategy for Non-Human Identities

A Mini Shai-Hulud Targeting the SAP Ecosystem

Apr 29, 2026 By Guillaume Valadon In GitGuardian

7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP's Node.js packages — and it's still active. Here's what GitGuardian found.

Read Post

GitGuardian

Read more about A Mini Shai-Hulud Targeting the SAP Ecosystem

The Research Behind Of Detecting And Attributing LLM-Generated Passwords - Gäetan Ferry

Apr 28, 2026 By GitGuardian In GitGuardian

GitGuardian Senior Cybersecurity Researcher Gaetan Ferry’s latest research shows that AI-generated passwords are leaving fingerprints in the wild. In this interview, he explains how he used Markov chains, a century-old statistical model, to detect patterns in passwords generated by modern LLMs, attribute them to model families, and identify 28,000 likely LLM-generated passwords across public GitHub. The findings are a warning for teams adopting AI coding agents.

View Video