Developer Environment
Public GitLab repositories exposed more than 17,000 secrets
After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Luke Marshall used the TruffleHog open-source tool to check the code in the repositories for sensitive credentials like API keys, passwords, and tokens. The researcher previously scanned Bitbucket, where he found 6,212 secrets spread over 2.6 million repositories. […]
VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, ‘Material Theme – Free’ and ‘Material Theme Icons – Free,’ from the Visual Studio Marketplace for allegedly containing malicious code. The two extensions are very popular, having been downloaded nearly 9 million times in total, with users now receiving alerts in VSCode that the extensions have automatically been […]