ridershow's Avatar

ridershow

@jeremylanfranchi.com

Exploring growth and deep sea with a dash of creativity. Always curious, always learning.

53
Followers 160
Following 5
Posts 02.12.2024
Joined
Posts Following

Latest posts by ridershow @jeremylanfranchi.com

Race Against The Workflows: Stealing GitHub Tokens from Docker Images - Gaëtan Ferry
Race Against The Workflows: Stealing GitHub Tokens from Docker Images - Gaëtan Ferry Your Dockerfile says COPY . . and you think, "What could go wrong?" Turns out: a lot. We're diving into a sneaky GitHub Actions vulnerability where your authentication tokens get stored inside Docker…

Stop what you are doing and watch this amazing talk from someone who I am proud to call a colleague from #GitGuardian.
The level of research Gaëtan does is inspiring

www.youtube.com/watch?v=abDW...

27.01.2026 16:06 👍 1 🔁 1 💬 0 📌 0
Covert Web-to-App Tracking via Localhost on Android

localmess.github.io #FBpixel

10.07.2025 22:32 👍 0 🔁 0 💬 0 📌 0
Post image

#NHIWorkshop at #Identiverse 2025

How to Convince C-Level Decision Makers to Invest in a NHI Program

hosted by Troy Wilkinson with Eli Erlikhman from Sprinklr and Danny Brickman from Oasis Security

03.06.2025 18:28 👍 1 🔁 1 💬 0 📌 0
Post image

#Identiverse 2025

Identity is Security: Securing AI Agents and Non-Human Identities
from Sandeep Kumbhat - Head of Global Field CTO • Okta
and Jamie Fitz-Gerald - Vice President, Product Management • Okta

04.06.2025 23:38 👍 1 🔁 1 💬 0 📌 0
Post image

#Identiverse 2025
Adding NHI Management to Your IAM Program
from Adam Ochayon

04.06.2025 23:04 👍 1 🔁 1 💬 0 📌 0
Post image

#Identiverse 2025 #NHI Pavilion
Unmasking Machine Accounts: How to Govern the Fastest-Growing Identity Risk in Your Enterprise
from Steve Toole

05.06.2025 00:53 👍 1 🔁 1 💬 0 📌 0
Preview
xAI Secret Leak: The Story of a Disclosure AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws ...

A few months ago, our automated detection platform uncovered an xAI API key exposed on public GitHub. What stood out was the key's broad access—not just public models, but unreleased and private ones tied to projects at SpaceX and Tesla.

🚨More details here blog.gitguardian.com/xai-secret-l...

09.05.2025 12:41 👍 0 🔁 1 💬 0 📌 0

👌

17.04.2025 21:46 👍 1 🔁 0 💬 0 📌 0
Preview
Scanning Secrets in Container Registries Secrets buried in container registries pose a silent risk.

🚨 Public or private, container registries aren’t safe from secret leaks.

📦 GitGuardian’s new integration scans Docker Hub, JFrog Artifactory, Amazon ECR, Azure Container Registry, Google Artifact, for exposed secrets. Start securing your pipelines! 🧑‍🔧

s.gitguardian.com/container-re...

24.01.2025 16:58 👍 1 🔁 1 💬 0 📌 0
Preview
How I Accidentally Became an SEO Nerd and What I Learned About SaaS Websites

Accidentally became an SEO pro? Learn actionable SaaS SEO tips—from stalking search intent to killer content & CRO—to turn your site into a conversion machine! #seo

31.12.2024 07:25 👍 3 🔁 1 💬 0 📌 0
Preview
Postman Workspaces Leak 30000 API Keys and Sensitive Tokens Follow us on Bluesky, Twitter (X) and Facebook at @Hackread

Thanks for the article @hackread.bsky.social !

hackread.com/postman-work...

25.12.2024 14:18 👍 0 🔁 0 💬 0 📌 0
Post image

What does everyone think about the last #cloudsek report on #postman API key leaks

25.12.2024 14:17 👍 3 🔁 0 💬 1 📌 0
Preview
Remediation | GitGuardian Explore comprehensive guides on securing sensitive credentials. Learn best practices, remediation steps, and preventative measures to safeguard against leaks and unauthorized access.

Our programmatic SEO program on secrets remediation for devs is pretty neat to help us rank on a wide range of focussed keywords ;)
www.gitguardian.com/remediation

05.12.2024 10:38 👍 1 🔁 0 💬 0 📌 0