HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
1.
▲
How to clone by commit found via commit referencing to different fork on GitHub?
2 comments
2 years ago
sdnews
5 points
2.
▲
Ask HN: Like Gcloud but with Prepayment Only?
1 comment
2 months ago
julienreszka
1 points
3.
▲
Anyone can access deleted and private repository data on GitHub
trufflesecurity.com
374 comments
2 years ago
__0x1__
1983 points
4.
▲
Google API keys weren't secrets, but then Gemini changed the rules
trufflesecurity.com
304 comments
4 months ago
hiisthisthingon
1291 points
5.
▲
I found a backdoor into my bed
trufflesecurity.com
385 comments
a year ago
riverdroid
980 points
6.
▲
Google’s OAuth login doesn’t protect against purchasing a failed startup domain
trufflesecurity.com
285 comments
a year ago
simiones
503 points
7.
▲
Google OAuth is broken (sort of)
trufflesecurity.com
182 comments
3 years ago
mooreds
350 points
8.
▲
I scanned all of GitHub's "oops commits" for leaked secrets
trufflesecurity.com
110 comments
a year ago
elza_1111
203 points
9.
▲
Driftwood: Know if private keys are sensitive
trufflesecurity.com
20 comments
5 years ago
orangepenguin
78 points
10.
▲
GitLab scan finds 17,000 secrets in public repos, leading to $9000+ in bounties
trufflesecurity.com
12 comments
7 months ago
adrianwaj
30 points
11.
▲
Postman is largest public source of leaked secrets?
trufflesecurity.com
discuss
2 years ago
Letmetest
22 points
12.
▲
How to Scan Force Pushed Commits for Secrets
trufflesecurity.com
6 comments
a year ago
mmcclure
20 points
13.
▲
GCP CloudQuarry: Searching for Secrets in Public GCP Images
trufflesecurity.com
discuss
a year ago
mooreds
18 points
14.
▲
TruffleHog now finds all Deleted and Private Commits on GitHub
trufflesecurity.com
2 comments
2 years ago
riverdroid
15 points
15.
▲
TruffleHog V3: Automatically Validate over 600 API Keys
trufflesecurity.com
1 comment
4 years ago
xssoauth
13 points
16.
▲
Live API Keys and Source Code Leaked in 4,500 of the Top Alexa Sites
trufflesecurity.com
discuss
3 years ago
zricethezav
13 points
17.
▲
Browse millions of secrets leaked in GitHub/NPM via Forager
trufflesecurity.com
3 comments
3 years ago
zricethezav
11 points
18.
▲
Research Finds 12,000 'Live' API Keys and Passwords in DeepSeek's Training Data
trufflesecurity.com
2 comments
a year ago
bathtub365
7 points
19.
▲
Google OAuth is broken (sort of)
trufflesecurity.com
1 comment
3 years ago
SergeAx
5 points
20.
▲
Claude Tried to Hack 30 Companies.Nobody Asked It To
trufflesecurity.com
discuss
3 months ago
ki4jgt
5 points
21.
▲
Of-CORS: a framework for hacking internal apps with open CORS
trufflesecurity.com
discuss
3 years ago
riverdroid
5 points
22.
▲
An API Worm in the Making: Thousands of Secrets Found in Open S3 Buckets
trufflesecurity.com
discuss
6 years ago
riverdroid
5 points
23.
▲
(The) Postman Carries Lots of Secrets
trufflesecurity.com
discuss
2 years ago
emilburzo
4 points
24.
▲
Google OAuth is broken (sort of) [Retain access after being offboarded]
trufflesecurity.com
discuss
3 years ago
srejk
4 points
25.
▲
TruffleHog now finds all Deleted and Private Commits on GitHub (2024)
trufflesecurity.com
discuss
3 months ago
password4321
3 points
26.
▲
Hugging Face Now Automatically Detects Leaked Secrets
trufflesecurity.com
discuss
2 years ago
__0x1__
3 points
27.
▲
Credentials Leaking with Subdomain Takeover
trufflesecurity.com
discuss
2 years ago
ncts
3 points
28.
▲
Email Graffiti: Take over images in old emails
trufflesecurity.com
discuss
4 years ago
xssoauth
3 points
29.
▲
TruffleHog v3: detect and verify 639 key types
trufflesecurity.com
discuss
4 years ago
derac
3 points
30.
▲
Claude Tried to Hack 30 Companies. Nobody Asked It To
trufflesecurity.com
2 comments
4 months ago
riverdroid
2 points
More