Hardcoded GitHub Personal Access Tokens Leak 159 Private Repositories

Using BeVigil, a security search engine, our researchers were able to find 159 private GitHub repositories that contained the source code of 10 organizations. The sole reason we found these private GitHub repositories was that they contained the source code of Android apps with hardcoded GitHub Personal Access Tokens.

Exposed Payment Integration API Keys Imperil Millions of Users’ Transaction Details and PII

Authors: Arshit Jain and Sai Ahladini Tripathy, BeVigil Team
Editor: Isha Tripathi, Information & Analytics Squad

Widespread Exposure of API Keys Imperils the Mobile App Ecosystem

APIs have revolutionized how apps are developed and used. They make it easy for developers to build apps that communicate with multiple sources and efficiently manage data flowing to and …