The Hacker News

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

M secrets leaked in 2025, up 34% YoY, driven by AI growth and poor remediation, expanding enterprise attack surfaces.
CSOonline

Cybercriminals intensify hunt for exposed Git secrets

About 4,800 unique IP addresses were scanned for exposed Git configuration files in a single day to steal sensitive secrets and tokens. Git configuration files exposed in public repositories are being ...
NextBigFuture

Aembit Extends Secretless CI/CD with Credential Lifecycle Management for GitLab

Aembit, the workload identity and access management (IAM) company, today announced new capabilities for GitLab designed to reduce the security risks of long-lived personal access tokens (PATs) and ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Bleeping Computer

GitLab patches high severity account takeover, missing auth issues

GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in ...