| | Driftwood: Know if private keys are sensitive (trufflesecurity.com) |
|
1 point by fanf2 39 days ago | past
|
|
| | Research Finds 12,000 'Live' API Keys and Passwords in DeepSeek's Training Data (trufflesecurity.com) |
|
7 points by bathtub365 54 days ago | past | 2 comments
|
|
| | I found a backdoor into my bed (trufflesecurity.com) |
|
980 points by riverdroid 64 days ago | past | 385 comments
|
|
| | Vigilante Justice on GitHub (trufflesecurity.com) |
|
2 points by campuscodi 3 months ago | past
|
|
| | Secrets Leak in CI/CD Pipelines (trufflesecurity.com) |
|
1 point by aquastorm 3 months ago | past
|
|
| | Google’s OAuth login doesn’t protect against purchasing a failed startup domain (trufflesecurity.com) |
|
503 points by simiones 3 months ago | past | 285 comments
|
|
| | Postman is largest public source of leaked secrets? (trufflesecurity.com) |
|
22 points by Letmetest 4 months ago | past
|
|
| | Anyone Can Access Private Azure Repo Data (trufflesecurity.com) |
|
2 points by __0x1__ 7 months ago | past
|
|
| | Hugging Face Now Automatically Detects Leaked Secrets (trufflesecurity.com) |
|
3 points by __0x1__ 7 months ago | past
|
|
| | TruffleHog now finds all Deleted and Private Commits on GitHub (trufflesecurity.com) |
|
15 points by riverdroid 8 months ago | past | 2 comments
|
|
| | Secrets are not a code security problem (trufflesecurity.com) |
|
2 points by computersuck 9 months ago | past
|
|
| | Anyone can access deleted and private repository data on GitHub (trufflesecurity.com) |
|
1983 points by __0x1__ 9 months ago | past | 374 comments
|
|
| | Credentials Leaking with Subdomain Takeover (trufflesecurity.com) |
|
3 points by ncts 10 months ago | past
|
|
| | (The) Postman Carries Lots of Secrets (trufflesecurity.com) |
|
1 point by aa_is_op 12 months ago | past
|
|
| | (The) Postman Carries Lots of Secrets (trufflesecurity.com) |
|
4 points by emilburzo 12 months ago | past
|
|
| | Google OAuth is broken (sort of) (trufflesecurity.com) |
|
350 points by mooreds on Dec 21, 2023 | past | 182 comments
|
|
| | Google OAuth is broken (sort of) (trufflesecurity.com) |
|
2 points by chillax on Dec 20, 2023 | past
|
|
| | New Google OAuth Vulnerability (trufflesecurity.com) |
|
2 points by riverdroid on Dec 18, 2023 | past
|
|
| | Google OAuth is broken (sort of) (trufflesecurity.com) |
|
5 points by SergeAx on Dec 17, 2023 | past | 1 comment
|
|
| | Google OAuth is broken (sort of) [Retain access after being offboarded] (trufflesecurity.com) |
|
4 points by srejk on Dec 16, 2023 | past
|
|
| | Live API Keys and Source Code Leaked in 4,500 of the Top Alexa Sites (trufflesecurity.com) |
|
13 points by zricethezav on Sept 5, 2023 | past
|
|
| | Show HN: Forager – Browse millions of live secrets leaked from GitHub/NPM (trufflesecurity.com) |
|
2 points by zricethezav on July 21, 2023 | past
|
|
| | Browse millions of secrets leaked in GitHub/NPM via Forager (trufflesecurity.com) |
|
11 points by zricethezav on July 19, 2023 | past | 3 comments
|
|
| | Forager by Trufflehog: Monitor public commits on GitHub (trufflesecurity.com) |
|
1 point by muhammedkilic on June 22, 2023 | past
|
|
| | A new XSS Hunter, that finds additional vulnerabilities (trufflesecurity.com) |
|
2 points by riverdroid on Feb 3, 2023 | past
|
|
| | Protecting Cloud SQL data with external backups using cloudsql-exporter (trufflesecurity.com) |
|
2 points by riverdroid on Jan 17, 2023 | past
|
|
| | Of-CORS: a framework for hacking internal apps with open CORS (trufflesecurity.com) |
|
5 points by riverdroid on Jan 3, 2023 | past
|
|
| | Email Graffiti: Take over images in old emails (trufflesecurity.com) |
|
3 points by xssoauth on Nov 21, 2022 | past
|
|
| | TruffleHog v3: detect and verify 639 key types (trufflesecurity.com) |
|
3 points by derac on April 4, 2022 | past
|
|
| | TruffleHog V3: Automatically Validate over 600 API Keys (trufflesecurity.com) |
|
13 points by xssoauth on April 4, 2022 | past | 1 comment
|
|
|
|
More |
