Bleeping Computer

GitHub’s secret scanning alerts now available for all public repos

GitHub has announced that its secret scanning alerts service is now generally available to all public repositories and can be enabled to detect leaked secrets across an entire publishing history.
Bleeping Computer

GitHub rolls out free secret scanning for all public repositories

GitHub is rolling out support for the free scanning of exposed secrets (such as credentials and auth tokens) to all public repositories on its code hosting platform. Secret scanning is a security ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Many enterprises use GitHub Action Secrets to store and protect sensitive information such as credentials, API keys, and tokens used in CI/CD workflows. These private repositories are widely assumed ...