Dark Reading

Credential Canaries Create Minefield for Attackers

With nearly half of all breaches involving external attackers enabled by stolen or fake credentials, security firms are pushing a high-fidelity detection mechanism for such intrusions: canary tokens.
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...