• Security researcher uncovers 17,000 secrets in Public GitLab repo

    From TechnologyDaily@1337:1/100 to All on Monday, December 01, 2025 13:15:10
    Security researcher uncovers 17,000 secrets in Public GitLab repositories

    Date:
    Mon, 01 Dec 2025 13:05:00 +0000

    Description:
    After scanning the entire public database, he found thousands of secrets that could be used in cyberattacks.

    FULL STORY ======================================================================
    - A researcher found 17,000 exposed secrets in GitLab Cloud repositories
    - Leaked credentials risk hijacks, cryptomining, and deeper infrastructure compromise
    - Marshall automated scans, earned $9,000 in bounties; some projects remain exposed

    A security researcher found thousands of secrets in public GitLab Cloud repositories, demonstrating how software developers are inadvertently putting their own projects at risk of cyberattacks.

    GitLab Cloud is the hosted version of GitLab, a platform developers use to store code, track issues, run CI/CD pipelines, and collaborate on software projects.

    Recently, security researcher Luke Marshall scanned GitLab Cloud, Bitbucket, and Common Crawl for things like API keys, passwords, or tokens, and found quite a few. On GitLab Cloud there were 17,000 secrets exposed in public repositories, spread across 2,800 unique domains. On Bitbucket, he found more than 6,200 secrets in 2.6 million repositories, and on Common Crawl, 12,000 valid secrets.

    Automating the scan

    Hackers who find these credentials can hijack cloud accounts, steal data, deploy cryptominers, impersonate services, or pivot deeper into an organization's infrastructure. Even a single leaked token can give attackers long-term access to internal systems, letting them modify code, drain resources, or launch further attacks without being detected.

    While most of the secrets were relatively new (generated after 2018), some were decades old and still valid, which almost certainly means they had been discovered by malicious actors and used in attacks. Most of the secrets were credentials for Google Cloud Platform (GCP) and MongoDB keys. Other notable mentions include Telegram bot tokens, OpenAI keys, and GitLab keys.
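    As an added illustration of the kind of pattern-based scan the article describes (example code written for this post, not Marshall's tooling), the following Python checks text for the secret types named above and reports only redacted matches, so a scan report never re-leaks what it finds. The regular expressions are assumed heuristic formats for each issuer, and the sample input is constructed.

```python
import re
from typing import List, Tuple

# Heuristic patterns for the secret types the article names. These are
# assumptions about each issuer's token format, not taken from the article;
# tighten or extend them to match the formats your own providers document.
PATTERNS = {
    "gitlab_pat": re.compile(r"\bglpat-[0-9A-Za-z_-]{20,}"),
    "telegram_bot_token": re.compile(r"\b\d{8,10}:[A-Za-z0-9_-]{35}\b"),
    "openai_api_key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "mongodb_uri_with_creds": re.compile(r"mongodb(?:\+srv)?://[^\s:/@]+:[^\s@]+@[^\s/]+"),
    "gcp_private_key": re.compile(r"-----BEGIN (?:RSA )?PRIVATE KEY-----"),
}


def redact(secret: str) -> str:
    """Keep only a short prefix so the report itself cannot leak the value."""
    return secret[:8] + "..." if len(secret) > 8 else "***"


def scan_text(text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, secret_kind, redacted_match) for every hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append((lineno, kind, redact(match.group(0))))
    return findings


# Constructed sample file content; none of these are real credentials.
SAMPLE = """\
# config.py
DB_URL = "mongodb+srv://app_user:Sup3rS3cret@cluster0.example.net/app"
GITLAB_TOKEN = "glpat-aBcDeFgHiJkLmNoPqRsT"
TG_BOT = "123456789:AAEexampleexampleexampleexampleexam"
log_level = "debug"
"""

if __name__ == "__main__":
    # Run the scanner over the sample, as a pre-commit hook or CI job would
    # over the files about to be pushed, and print redacted findings.
    for lineno, kind, shown in scan_text(SAMPLE):
        print(f"line {lineno}: {kind} ({shown})")
```

    A hook built on this should block the commit when `scan_text` returns anything; rotating the credential is still required once it has reached a public remote, since history rewrites do not undo exposure.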

    Explaining the process, Marshall said he managed to automate most of it. It took him approximately 24 hours and just under $800 to get it all done. It was worth his while, and his money, though, since he allegedly managed to pick up around $9,000 in bounties for his efforts. He was able to automate the notification process, as well. Many of the notified developers secured their projects, but some remain exposed even now, he said.

    Via BleepingComputer




    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/security-researcher-uncovers-17-000-secrets-in-public-gitlab-repositories


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)