Blog Home
PyPI Leaked Token in Binary

Binary secret scanning helped us prevent (what might have been) the worst supply chain attack you can imagine
July 09, 2024

The JFrog Security Research team has recently discovered and reported a leaked access token with administrator access to Python’s, PyPI’s and Python Software Foundation’s GitHub repositories, which was leaked in a public Docker container hosted on Docker Hub. As a community service, the JFrog Security Research team continuously scans public repositories such as Docker Hub, …

Read More
Frogbot secrets detection

Unveiling Secrets Detection with JFrog Frogbot
October 17, 2023

A leap forward in DevOps security In today’s interconnected world, secrets are the keys to unlocking sensitive data and systems. Like hidden gems for attackers, any inadvertent exposure of these secrets could lead to data breaches, unauthorized access, and security compromises. As organizations adopt DevOps practices, artifacts containing secrets are often stored and shared across …

Read More

Popular Tags