Secrets Management stories

JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.

Claude Code flaws found by Check Point could let malicious repos run code and grab API keys before developers confirm a project is trusted.

Keeper launches native Jira integrations to tie security incident workflows directly to privileged access approvals while retaining zero-knowledge controls.

BeyondTrust's Pathfinder platform has been named a Leader and Outperformer in GigaOm's 2026 CIEM Radar, praised for unified identity security.

AI has become firms' top data security fear as identity and deepfake threats surge, exposing gaps in visibility, encryption and governance.

AI has overtaken all other threats as the top global data security risk, with firms warning its rapid spread magnifies existing vulnerabilities.

Keeper adopts NIST's Kyber post-quantum cryptography in its password tools, aiming to shield credentials from future quantum attacks.

Rapid AI and cloud adoption is fuelling a new wave of cyber risk, as Tenable warns of exposed software supply chains and “ghost” identities.

Tenable warns businesses that rapid AI and cloud adoption is creating an invisible exposure gap as identity and supply chain risks surge.

Tenable warns cloud and AI adoption is creating a widening 'zero‑margin' security gap as exposure grows faster than defenders can respond.

Adfinis launches Secretz Enterprise, a flat-fee OpenBao-based secrets service promising up to 50% savings and 24/7 support.

12Port adds AI-powered session intelligence to its agentless PAM platform, promising real-time detection and disruption of risky admin activity.

Keeper rolls out SuperShell, a full-screen terminal interface in Keeper Commander for keyboard-first, zero-trust vault and PAM workflows.

Portnox extends zero trust network access to RDP, SSH, VNC and Telnet, promising passwordless admin access and fewer VPN dependencies.

Moltbook left a Supabase key exposed, leaking AI chats, 30,000 emails and 1.5 million API keys in a cautionary tale of vibe coding risk.

Developers granting AI agents broad, unsupervised access to code and systems are creating new software supply chain and data exposure risks.

DryRun launches DeepScan Agent, an AI tool that scans whole codebases in hours to rank real-world security risks and speed remediation.

A security lapse at AI agent service Moltbook exposes risky default database settings, raising fresh alarms over agentic system safeguards.

Keeper Security has launched a 2026 MSP partner drive around its cloud-native KeeperPAM platform, with new tiers, incentives and training.

Teleport launches an agentic AI identity framework to secure autonomous agents with zero trust credentials across cloud and on-prem systems.