Stop Putting Your Passwords into Random Websites (Yes, Seriously, You Are the PR
16 hours ago
- #credentials-leak
- #data-exposure
- #cybersecurity
- Exposure of sensitive credentials and secrets on public code formatting websites like JSONFormatter and CodeBeautify.
- Discovery of 80,000+ saved JSON entries containing sensitive data including Active Directory credentials, API keys, and PII.
- Affected organizations span critical sectors like government, finance, healthcare, and cybersecurity.
- Examples of exposed data include Jenkins secrets, PowerShell scripts, Docker Hub credentials, and AWS keys.
- Evidence of active exploitation by malicious actors scraping these platforms for credentials.
- Low response rate from affected organizations despite outreach efforts by researchers.
- Recommendation to avoid using random online tools for handling sensitive data.