Insights, updates & productivity tips

Discover tips, updates, and insights on better task management and teamwork.

Shape

By

Ben Kim

November 17, 2025

Nx Package Supply Chain Attack: In-Depth Analysis of a Global Security Crisis Starting from GitHub Actions Vulnerability

On August 26, 2025, malicious versions of the popular Nx monorepo tool, downloaded 4 million times per week, were published to NPM, resulting in mass theft of sensitive information from developers worldwide. This incident (GHSA-cxm3-wv7p-598c) demonstrated a sophisticated multi-layered attack system, starting from a GitHub Actions pull_request_target workflow vulnerability, leading to NPM token theft, malicious package distribution, and sophisticated data collection exploiting AI CLI tools.

Learn more

By

Ben Kim

November 17, 2025

A Study on Secret Exposure Cases within Vercel Environment Frontend Code: AWS, Stripe, Github Keys Were Exposed

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI5:2025 - Overprivileged NHI In-Depth Analysis and Management

Learn more

By

Cremit Team

November 17, 2025

The 2025 Cybersecurity Landscape: Download the Full Report

Learn more

By

Ben Kim

November 17, 2025

DO NOT PUBLISH - OWASP NHI5:2025 Insecure Authorization Deep Dive

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI4:2025 Insecure Authentication Deep Dive Introduction: The Era of Non-Human Identities Beyond Humans

Learn more

By

Felipe Araujo

November 17, 2025

Beyond Lifecycle Management: Why Continuous Secret Detection is Non-Negotiable for NHI Security

Learn more

By

Ben Kim

November 17, 2025

Navigating the Expanding AI Universe: Deepening Our Understanding of MCP, A2A, and the Imperative of Non-Human Identity Security

Learn more

By

Felipe Araujo

November 17, 2025

Hidden Dangers: Why Detecting Secrets in S3 Buckets is Critical

Learn more

By

Felipe Araujo

November 17, 2025

Stop Secrets Sprawl: Shifting Left for Effective Secret Detection

Learn more

By

Felipe Araujo

November 17, 2025

What Is Secret Detection? A Beginner’s Guide

Learn more

By

Ben Kim

November 17, 2025

Vigilant Ally: Helping Developers Secure GitHub Secrets

Learn more

By

Ben Kim

November 17, 2025

Understanding the OWASP Non-Human Identities (NHI) Top 10 Threats

Learn more

By

Ben Kim

November 17, 2025

Unveiling Nebula: An Open-Source MA-ABE Secrets Vault

Learn more

By

Ben Kim

November 17, 2025

Wake-Up Call: tj-actions/changed-files Compromised NHIs

Learn more

By

Felipe Araujo

November 17, 2025

Stop the Sprawl: Introducing Cremit’s AWS S3 Non-Human Identity Detection

Learn more

By

Ben Kim

November 17, 2025

DevSecOps: Why start with Cremit

Learn more

By

John Choi

November 17, 2025

Credential Leakage Risks Hiding in Frontend Code

Learn more

By

Felipe Araujo

November 17, 2025

Secret Sprawl and Non-Human Identities: The Growing Security Challenge

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI2:2025 Secret Leakage – Understanding and Mitigating the Risks

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI1:2025 Improper Offboarding- A Comprehensive Overview

Learn more

By

Felipe Araujo

November 17, 2025

Rising Data Breach Costs: Secret Detection's Role

Learn more

By

Felipe Araujo

November 17, 2025

Securing Your Software Pipeline: The Role of Secret Detection

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI3:2025 - Vulnerable Third-Party NHI

Learn more

By

Felipe Araujo

November 17, 2025

Human vs. Non-Human Identity: The Key Differentiators

Learn more

By

Ben Kim

November 17, 2025

Microsoft Secrets Leak: A Cybersecurity Wake-Up Call

Learn more

By

Ben Kim

November 17, 2025

Customer Interview: Insights from ENlighten

Learn more

By

Felipe Araujo

November 17, 2025

Build vs. Buy: Making the Right Choice for Secrets Detection

Learn more

By

Ben Kim

November 17, 2025

Full Version of Nebula – UI, New Features, and More!

Learn more

By

John Choi

November 17, 2025

Introducing Probe! Cremit's New Detection Engine

Learn more

By

Ben Kim

November 17, 2025

Bybit Hack Analysis: Strengthening Crypto Exchange Security

Learn more

By

Felipe Araujo

November 17, 2025

Behind the Code: Best Practices for Identifying Hidden Secrets

Learn more

By

Ben Kim

November 17, 2025

Cremit Joins AWS SaaS Spotlight Program

Learn more

By

Felipe Araujo

November 17, 2025

6 Essential Practices for Protecting Non-Human Identities

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI5:2025 - Overprivileged NHI In-Depth Analysis and Management

Learn more

By

Cremit Team

November 17, 2025

The 2025 Cybersecurity Landscape: Download the Full Report

Learn more

By

Cremit Team

November 17, 2025

The 2025 Cybersecurity Landscape: Download the Full Report

Learn more

By

Ben Kim

November 17, 2025

DO NOT PUBLISH - OWASP NHI5:2025 Insecure Authorization Deep Dive

Learn more

By

Ben Kim

November 17, 2025

OWASP NHI4:2025 Insecure Authentication Deep Dive Introduction: The Era of Non-Human Identities Beyond Humans

Learn more

By

Felipe Araujo

November 17, 2025

Beyond Lifecycle Management: Why Continuous Secret Detection is Non-Negotiable for NHI Security

Learn more

Your question  answered

Need answers? We’ve got you covered.

Below are some of the most common questions people ask us. If you can’t find what you’re looking for, feel free to reach out!

Contact us

One breach costs millions. Prevention costs nothing to start.

Discover exposed secrets for free. Upgrade to Enterprise when you're ready to scale

Start Free

Cta Image

Shape Image