Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Phantom Secrets Persist in Git SCMs

June 24, 2024
Reading Time: 2 mins read
in Alerts
Phantom Secrets Persist in Git SCMs

Aqua Security’s new research reveals a troubling issue in Git-based Source Code Management (SCM) systems: code containing secrets remains accessible even after deletion. These so-called ‘phantom’ secrets, such as passwords, tokens, and passkeys, continue to be exposed despite removal, primarily because conventional scanning methods often fail to detect them. Aqua’s study highlights that approximately 18% of potentially exposed secrets are missed by typical scanners, which only check repositories accessible via the Git clone command.

In their investigation, Aqua analyzed over 50,000 repositories from top organizations on GitHub and discovered significant security flaws. Among these were API tokens and other sensitive data found in public repositories, including Mozilla’s, which granted access to internal tools and systems. This data could lead to severe security breaches, such as unauthorized access to cloud environments, internal project infrastructure, and telemetry platforms.

Aqua’s findings also revealed exposed Meraki API tokens from Fortune 500 companies and an Azure service principal token from a large healthcare provider. These tokens had high privileges and could be used to access critical systems and perform malicious actions, such as supply chain attacks. The persistence of these secrets in repositories underscores the risks associated with hardcoded credentials and inadequate scanning tools.

To address these risks, Aqua advises developers to avoid hardcoding secrets in code and to consider any exposed secrets as compromised. Security best practices include rotating compromised secrets immediately and removing them from public repositories. Despite advancements in secrets scanning tools, the issue remains prevalent, emphasizing the need for continuous vigilance and robust security practices throughout the software development lifecycle.

Reference:

  • Phantom Secrets Persist in Git Source Code Management Systems Even After Deletion
Tags: APIAqua SecurityCyber AlertsCyber Alerts 2024Cyber threatsGitHealthcareJune 2024MozillaResearchSCMSource Code Management
ADVERTISEMENT

Related Posts

Hackers Use Leaked Shellter License Malware

Windows BitLocker Vulnerability Flaw

July 9, 2025
Hackers Use Leaked Shellter License Malware

Hackers Use Leaked Shellter License Malware

July 9, 2025
Hackers Use Leaked Shellter License Malware

Anatsa Android Trojan Targets 90K Users

July 9, 2025
AMOS Mac Stealer Adds Persistent Backdoor

AMOS Mac Stealer Adds Persistent Backdoor

July 8, 2025
AMOS Mac Stealer Adds Persistent Backdoor

NordDragonScan Malware Steals Windows Data

July 8, 2025
AMOS Mac Stealer Adds Persistent Backdoor

New Ransomware BERT Targets ESXi Systems

July 8, 2025

Latest Alerts

Windows BitLocker Vulnerability Flaw

Anatsa Android Trojan Targets 90K Users

Hackers Use Leaked Shellter License Malware

New Ransomware BERT Targets ESXi Systems

NordDragonScan Malware Steals Windows Data

AMOS Mac Stealer Adds Persistent Backdoor

Subscribe to our newsletter

    Latest Incidents

    Credit Reports Breached And Sold On Dark Web

    Recruiting Software Exposed 26M Resumes

    Norwegian Municipalities Hit by Data Breach

    French Chip Firm Semco Hacked During IPO

    Louis Vuitton Korea Hit By Cyberattack

    Virginia School District Hit By Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial