TruffleHog | FAIR INTEL

Repo Roulette: Spin the Wheel, Win a Credential

A security researcher used automated TruffleHog scans across all 5.6 million public GitLab Cloud repositories and found 17,430 live secrets tied to 2,804 domains—including cloud, database, messaging, and OpenAI keys—showing that many organizations still expose long-lived credentials in public code despite some revocations after notification.

5 days ago14 min read

Repo Roulette: Spin the Wheel, Win a Credential

TL;DR — MITRE Top 25 CWE for 2025: It’s Not Zero-Days, It’s Your Auth, Inputs, and Uploads...Again

Identity Theft: The Casino Game Nobody Wanted to Play

Small Town, Big Encryption: A Village Learns Why Offline Backups Matter