The Security Ledger

Exposed Developer Secrets Surge: AI Drives 34% Increase in 2025

AI-driven development fueled a surge in developer secrets leaks last year, with nearly 29m credentials discovered on public GitHub repos.

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

Six security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived: runtime semantic exfiltration, cross-agent context leakage and agent-to-agent trust chains with zero ...

As AI agents spread, 1Password's new tool tackles a rising security threat

AI agents increasingly need credentials to log into your systems. 1Password wants to help secure them. Here's how.

1Password introduces Unified Access platform and partner API for AI agent security

Cybersecurity and password service provider 1Password LLC today announced two related initiatives that are designed to strengthen how organizations manage and enforce access acros ...
SiliconANGLE

Have I Been Pwned adds 71M compromised credentials from the ‘Naz.API’ data set

Data breach indexing site Have I Been Pwnd has just added a new data set of almost 71 million stolen user credentials from the Naz.API data set that includes 25 million previously unknown leaks. The ...
Bleeping Computer

VMware fixes bug exposing CF API admin credentials in audit logs

VMware has patched an information disclosure vulnerability in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment caused by credentials being logged and exposed via system ...
Forbes

Why Secrets Management Should Be A Central Pillar Of Cloud Security

As enterprises accelerate their shift to the cloud, cybersecurity risks are evolving in ways for which many organizations are unprepared. One of the most overlooked vulnerabilities is secrets ...
TechCrunch

Envkey wants to create a smarter place to store a company’s API keys and credentials

If an engineer ends up leaving a company — on their own, or for any other reason — the company is going to have to quickly work to change all of their keys for their credentials and keys application ...